Discord has grown from a niche gaming chat app into a platform with over 200 million monthly active users, hosting communities for everything from study groups and creative projects to professional networks and cryptocurrency trading. But with that growth comes significant privacy risks. Discord collects extensive data about your activity, and the platform's open nature means you are constantly exposed to unsolicited messages, phishing links, and potential harassment. Here is how to lock down your Discord privacy settings and protect your personal information.
Configure Your Privacy and Safety Settings
Discord's main privacy controls are located in one central area. To access them:
- Click the gear icon next to your username to open User Settings
- Navigate to Privacy & Safety in the left sidebar
This is where you will find the most important privacy toggles. Let us walk through each one.
Safe Direct Messaging
Discord can automatically scan direct messages for explicit content. Set this to "Keep me safe" to filter DMs from everyone, or "My friends are nice" to only scan messages from non-friends. This helps filter out unsolicited explicit images, which are unfortunately common on the platform.
Server Default Privacy Settings
Under Privacy & Safety, look for the default settings applied when you join new servers. Disable "Allow direct messages from server members" to prevent random people in shared servers from messaging you. This is one of the most important settings to change — without it, anyone who shares a server with you can send you direct messages.
Why Disabling Server DMs Matters
Many Discord scams start with an unsolicited direct message from someone in a shared server. By disabling "Allow direct messages from server members" by default, you block the most common vector for phishing links, fake giveaway scams, and social engineering attacks. You can always enable DMs for specific trusted servers where you need to communicate with other members.
Control Friend Request Settings
By default, Discord allows anyone to send you a friend request. To tighten this:
- Go to User Settings > Privacy & Safety (or Friend Requests section)
- Choose who can send you friend requests:
- Everyone: Anyone on Discord can send you a request (least private)
- Friends of Friends: Only users who share a mutual friend can request you
- Server Members: Only people in shared servers can send requests
For maximum privacy, limit friend requests to Friends of Friends or disable all categories except trusted sources. This prevents strangers from finding and contacting you.
Manage Data Privacy Controls
Discord collects data about how you use the platform and may use it for personalization and advertising. To limit this:
- Go to User Settings > Privacy & Safety
- Scroll to the "How We Use Your Data" section
- Toggle off the following:
- "Use data to personalize my Discord experience" — prevents Discord from using your activity data to customize what you see
- "Use data to improve Discord" — prevents Discord from using your usage data for product development
- "Allow use of data for ad personalization" — prevents your data from being used to target ads on and off Discord
- "In-game rewards" — prevents sharing of data related to gaming activity
Also consider requesting a copy of your data (available in the same section) to see exactly what Discord has collected about you.
Control Your Activity Privacy
Discord can broadcast what you are currently doing — including which games you are playing, what music you are listening to on Spotify, and other connected app activity. To manage this:
- Go to User Settings > Activity Privacy
- Toggle off "Display current activity as a status message"
This prevents other users from seeing your real-time activity. While it might seem harmless to show what game you are playing, this information can be used to build a profile of your habits, track when you are online, and even social-engineer you with targeted messages about shared interests.
Beware of Suspicious Links in DMs
Never click links in Discord DMs from people you do not know — even if they appear to come from a friend. Account takeover attacks are common on Discord, where a compromised account sends phishing links to everyone on its friends list. These links often claim to offer free Nitro, game beta access, or a "cool project" to check out. If a friend sends you an unexpected link, verify with them through another channel before clicking.
Enable Two-Factor Authentication
Two-factor authentication (2FA) is essential for protecting your Discord account from unauthorized access. To enable it:
- Go to User Settings > My Account
- Click "Enable Two-Factor Auth"
- Download an authenticator app (Google Authenticator, Authy, or Microsoft Authenticator)
- Scan the QR code and enter the verification code
- Download your backup codes and store them in a safe place — if you lose access to your authenticator app, these are the only way to recover your account
With 2FA enabled, anyone who obtains your password still cannot access your account without the second factor. This is critical given that Discord account theft is widespread and often used to send spam and phishing links to your contacts.
Do Not Use Your Real Name as Your Username
This might seem obvious, but many people use their real first name, last name, or a combination as their Discord username or display name. Your Discord username is visible to everyone in shared servers, and it can be used to find your other social media accounts, look you up on people-search sites, or connect your Discord activity to your real identity.
Choose a username that does not contain:
- Your real name or initials
- Your birth year
- Your location
- A username you use on other platforms (which enables cross-platform tracking)
Be Careful with Linked Accounts
Discord allows you to link external accounts including Spotify, Xbox, PlayStation, Steam, Twitch, YouTube, Reddit, and others. While convenient, each linked account exposes additional information:
- Your username on other platforms becomes visible on your Discord profile
- People can use these linked usernames to find your other accounts and build a more complete picture of your identity
- Connected accounts may share activity data back to Discord
Review your linked accounts in User Settings > Connections and remove any that you do not actively need. For accounts you keep linked, check whether the "Display on profile" toggle is enabled and disable it if you do not want others to see it.
Server-Specific Privacy Settings
Each server you join has its own privacy implications. For every server:
- Right-click the server icon and select Privacy Settings
- Review whether DMs are enabled for that specific server
- Consider whether you want your activity shared with that server's members
- Leave servers you no longer actively participate in — each one increases your exposure
Be especially cautious about large public servers with thousands of members. These are common hunting grounds for scammers and bad actors who target users through DMs.
Protect Your Broader Digital Footprint
Even with perfect Discord settings, your personal information may be available on data broker and people-search sites — and anyone who learns your real name from Discord can look you up on these sites to find your home address, phone number, email, and more. This is how doxxing attacks often work: someone discovers your real name through a server interaction or linked account, then uses public databases to find everything else.
PrivacyOn removes your personal information from over 100 data broker sites, making it significantly harder for anyone to doxx you or connect your Discord identity to your real-world information. With 24/7 monitoring, dark web scanning, and family plans covering up to 5 people starting at $8.33 per month, PrivacyOn provides an essential layer of protection that complements your Discord privacy settings.