My observation of comments on Facebook (and other social media sites) suggest that there is considerable confusion between cloning and hacking.
Cloning does NOT involve someone getting into your account, so your password isn’t compromised. Hacking (on the other hand) DOES mean that someone has gained unauthorised access to your account, and you will need to regain control and change your password.
So cloning a Facebook account is NOT hacking; it’s when someone copies your personal details and tricks your friends and others into thinking it’s you. It can happen because your security settings allow the general public to see your friends list. Cloning can’t be prevented, but it’s less likely if you set the visibility of your friends list to [Friends only].
You can prevent hacking (when your account IS compromised) by setting up two-step verification; this simply involves a verification code being sent to a previously nominated mobile phone when there’s a login attempt from any new browser or device. This way, you are alerted to someone attempting to hack your account before it happens, and can deal with it.
Two-step verification is widely available for many websites.
People often complain about Facebook (and rightly so sometimes), but the tools needed to limit cloning or prevent hacking are already available, and have been for a considerable time. They take very little effort to set up, but may prevent big problems later on.
Spend a few minutes every so often to review your security settings on Facebook and other websites, you know it makes sense.
See also: Spotting Hoaxes and Scams Online