Facebook Launches “Security Key” Feature to Protect User Accounts

Security Key is one of the latest features added to the Facebook’s always expanding features. It was introduced exclusively for two-factor authentication, which is now required at the time of logging into website. Through Security Key, mandatory requirement of receiving the verification code via SMS will be eliminated.

The team of Facebook security announced in this blog post that they would be supporting FIDO U2F Security Key in order to protect accounts from hackers. It is basically a physical key that is to be plugged into computer’s USB port and to confirm the login information including the password; all you got to do  is tap on it.

Their team also mentioned that sending codes using SMS messages was not a reliable option since majority of users never create a phone back-up. Registering for physical security key will be a better and reliable way to enable the login approvals. Although some may feel that the requirement of another physical device would be little troublesome, Facebook states that the primary focus here is on the security of public data and the profiles from hackers and the phishing attacks. The feature is only compatible with Opera or Chrome.

The security team explained on the blog:

“Security keys for the Facebook logins currently only work with some web browsers and mobile devices, so we will ask you to register an additional login approval method, like your cell phone or any Code Generator. At this time we do not support any security key logins for our mobile Facebook app.”

 

To add your Security Key, you need to use your computer and install the latest Chrome or Opera browser version. Though the feature cannot be accessed from the mobile Facebook app, if you possess an “NFC-capable Android device with the latest version of Chrome and Google Authenticator installed” you can use the key to log in from your mobile website.

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Glove Stealer Emerges A New Malware Threat For Browsers

ANY.RUN Discovers Tricky Phishing Attack Using Fake CAPTCHA