Facebook ups the ante on security
FYI, this story is more than a year old
Social networking giant Facebook has announced a new security feature, as the company looks to improve protection for its users.
According to Brad Hill, security engineer at Facebook, says users are always asking what they can do to make their online accounts more secure.
“Like most security professionals, I recommend setting up two-factor authentication,” he says.
“That means when you log into Facebook from a new phone or browser, you'll enter a special security code from your phone in addition to your password. That way, it's much harder for someone else to access your account, even if they have your password,” he explains.
Hill says Facebook is now taking that account protection a step further – with Security Key.
“Most people get their security code for login approvals from a text message (SMS) or by using the Facebook app to generate the code directly on their phone,” Hill explains.
“These options work pretty well for most people and in most circumstances, but SMS isn't always reliable and having a phone back-up available may not work well for everyone,” he says.
Users can now register a physical security key to their account so that the next time they log in after enabling login approvals, they’ll simply tap a small hardware device that goes in the USB drive of their computer.
According to Hill, using security keys for two-factor authentication provides a number of important benefits:
· Phishing protection: Your login is practically immune to phishing because you don't have to enter a code yourself and the hardware provides cryptographic proof that it's in your machine.
· Interoperable: Security keys that support U2F don't just work for Facebook accounts. You can use the same key for any supported online account (e.g. Google, Dropbox, GitHub, Salesforce), and those accounts can stay safe because the key doesn't retain any records of where it is used.
· Fast login: If you use a security key with your desktop computer, logging in is as simple as a tap on the key after you enter your password.
Facebook security tips
Take the Privacy Checkup. You'll walk through a few quick steps to make sure only the people you want to see your stuff can see it. You can review who you're posting to, which apps you're using, and the privacy of key pieces of information on your profile.
Choose who sees what you post. On Facebook, you can use the audience selector to choose who will see each of your posts — just your friends, everyone, or specific people you select.
Increase your account security by turning on login approvals. You'll get a unique security code each time you access your Facebook account from a new device.
Manage your ad preferences: Want to know why you're seeing a particular ad, or see more that are relevant to your preferences? Ad preferences lets you control the ads you see so they are more useful to you. You can also hide a particular ad.
Check yourself: Ever wondered what your Facebook profile looks like to other people? You can use View As to preview what the public or a specific person, like a friend or a coworker, would see if they visited your profile.