Facebook will be adding two new security features that will allow users to regain control of their account if it gets hijacked and to use a unique password for different third party applications that require logging in with Facebook credentials.
The first feature can be compared to giving a copy of your house key to a set of friends, except that you have to gather all the keys in order to enter the house.
In Facebook’s case, the keys are codes, and the user can choose from three to five “trusted friends” who are then provided with a code. If you ever get locked out of your account (and you can’t access your email to follow the link after resetting your Facebook password), you gather all the codes and use them to gain access to it again:
As easy and simple as this might sound, I can’t help but wonder what’s stopping the intruder to simply change the designated trusted friends once he takes control of the account. It seems impossible that Facebook developers haven’t thought of this possibility, but I guess will have to wait for the introduction of the feature to find out the solution they thought of.
The second feature will be welcomed with open arms by all users who are too paranoid to use their Facebook login credentials to log in into third party apps.
Facebook will allow you to create app-specific passwords for those apps, and you’ll only have to use it the one time:
“This is especially helpful if you have opted into Login Approvals, for which security codes don’t always work when using third party applications,” pointed out Facebook.
The features will be rolled out in the coming weeks.