searchtwitterarrow rightmail strokearrow leftmail solidfacebooklinkedinplusangle upmagazine plus
Help Net Security - Daily information security news with a focus on enterprise security.
Help Net Security - Daily information security news with a focus on enterprise security.
  • News
  • Features
  • Expert analysis
  • Videos
  • Reviews
  • Events
  • Whitepapers
  • Industry news
  • Product showcase
  • Newsletters
Zeljka Zorz
Zeljka Zorz, Editor-in-Chief, Help Net Security
January 27, 2017
Share

Facebook gets physical for safer logins

Facebook has been offering the two factor authentication login option for a while now, and is now trying to make its use easier than ever before.

Safer Facebook logins

“Most people get their security code for login approvals from a text message (SMS) or by using the Facebook app to generate the code directly on their phone. These options work pretty well for most people and in most circumstances, but SMS isn’t always reliable and having a phone back-up available may not work well for everyone,” Facebook security engineer Brad Hill explained, and announced that, from now on, users can register a physical security key to their account.

So, instead of entering a confirmation code after entering the password, users can simply tap their physical security key, and they’re in.

Aside from making the login process faster and easier, the option offers protection against phishing attacks, as you don’t have to enter a security code, and phishers have no way of getting your security key.

Also, the security key can be used for two-factor authentication schemes offered by other online services (Google, Dropbox, GitHub, etc.).

Using a security key with your Facebook account

Instructions on how to add a security key to your account can be found here, but you have to know there are some limitations for its use.

It currently works only with certain web browsers: the latest version of Chrome or Opera. “At this time we don’t support security key logins for our mobile Facebook app, but if you have an NFC-capable Android device with the latest version of Chrome and Google Authenticator installed, you can use an NFC-capable key to log in from our mobile website,” Hill also pointed out.

So, you’ll still need to set up an alternative login approval method, just in case.

More about
  • account protection
  • authentication
  • Facebook
Share this

Featured news

  • 3 business application security risks businesses need to prepare for in 2023
  • Researchers release PoC exploit for critical Windows CryptoAPI bug (CVE-2022-34689)
  • Attackers use portable executables of remote management software to great effect
Guide: How virtual CISOs can efficiently extend their services into compliance readiness

Sponsored

eBook: 4 ways to secure passwords, avoid corporate account takeover

Here’s the deal: Uptycs for all of 2023 for $1

2022 Cloud Data Security Report

Don't miss

3 business application security risks businesses need to prepare for in 2023

Researchers release PoC exploit for critical Windows CryptoAPI bug (CVE-2022-34689)

Attackers use portable executables of remote management software to great effect

How businesses can bolster their cybersecurity defenses with open source

ChatGPT is a bigger threat to cybersecurity than most realize

Cybersecurity news
Help Net Security - Daily information security news with a focus on enterprise security.
© Copyright 1998-2023 by Help Net Security
Read our privacy policy | About us | Advertise
Follow us