Don't believe everything you are told. Change your password now, to be safe. ( Use at least one lowercase character, at least one uppercase character, at least one numeric value, and the whole password should be at least 8 characters long for security. )
Example; Make up a misspelling that you will remember. (01axxenTS) Don't use the example. It is easy to remember, but impossible to guess.
You should try to contact Facebook support if your account got hacked. They will provide you with the required link for resetting your password if your email address is still valid. You should try using a strong password and be careful with the friend you accept online.