- Ari Fleischer’s Iraq War tweet isn’t going over well 2 Years Ago
- Cop arrested for recording man’s genitals, forcing mentally ill man to twerk 2 Years Ago
- MoviePass rebrands its unlimited plan, again 2 Years Ago
- Former Alaska senator launches meme-filled 2020 primary campaign 2 Years Ago
- The Shane Dawson cat controversy has resulted in these sex memes Today 10:06 AM
- Sarah Sanders mocks CNN reporter with ‘dear diary’ tweet Today 9:03 AM
- Know what you’re signing up for thanks to these dating site reviews Today 8:58 AM
- CBS All Access now offers a month for free—just in time for March Madness Today 8:39 AM
- The Apex Legends: season 1 battle pass is finally here—and there’s a lot to unpack Today 8:38 AM
- Woodstock 50 lineup, rumored ticket prices leave fans on Twitter fuming Today 8:18 AM
- How to stream ‘Pretty Little Liars: The Perfectionists’ for free Today 6:30 AM
- As followers get more violent, should 8chan ban QAnon? Today 6:30 AM
- What you need to know about DVR on DirecTV Now Today 5:30 AM
- How to stream Hulu’s ‘The Act’ for free Today 5:00 AM
- Devin Nunes’ lawsuit with Twitter over parody accounts inspires more parody accounts Tuesday 7:53 PM
It just got a lot easier to keep hackers and snoops out of your Facebook account.
If you’re worried about hackers taking over your Facebook account, you’ll be heartened to hear that as of this week, Facebook has added support for USB key two-factor authentication to improve account security.
Two-factor authentication (called “2FA” by cybersecurity nerds) requires an extra token in addition to your password to prove your identity when logging into online services. This prevents someone with your password to access your account. Previously, Facebook supported SMS and app-based 2FA, which prompt you to type in a number sent to your phone.
Physical 2FA replaces numbers with a USB key you plug into your PC or Mac. In addition to providing a more user-friendly experience, USB keys are also more secure than mobile apps and SMS because they’re immune to phishing and man-in-the-middle attacks, two common kinds of attacks used by hackers.
Other services such as Dropbox, Google, GitHub, and Salesforce have been supporting USB keys for years. If you’ve been using a YubiKey or any other stick employing the U2F standard to secure those accounts, you can use the same key for your Facebook account. If you’re reading this, however, you’re probably just getting started in 2FA. Here’s what you need to know.
How to enable USB key authentication on Facebook
Here are the steps to enable USB key authentication on your Facebook account:
1) Go to the Security settings page and expand the Logins Approval section.
2) In the Security Keys section, click the Add Key link and the Add Key button in the dialog that appears.
3) When the prompt appears, plug in your USB key and tap its button when its light starts blinking.
4) Once your key has been added, you’ll be prompted to re-enter your password to confirm the addition and to select a name to represent the physical key.
5) When the process is completed, your newly added key will be visible under the Security Keys section.
If you’re not used to physical authentication keys, here are a few good practices:
Have backups keys: Just like everything else that fits in your pocket, keys can get lost (or possibly stolen). Therefore, you should have backup keys. Facebook’s security settings allow you to add multiple keys and to remove lost or broken ones.
Have backup methods: For the moment, only the Facebook desktop website supports USB authentication, and the mobile website supports NFC-based keys such as the YubiKey Neo. Facebook’s mobile apps do not support physical keys yet. Therefore, you should still keep your app or SMS authentication enabled as a backup method.
Facebook’s USB authentication is not mandatory, but it is a welcomed move, as cybercriminals are targeting social media platforms at an accelerating pace. Hopefully, other social media services will follow suit and enable privacy-conscious users to breathe a sigh of relief.
Ben Dickson is a software engineer and founder of TechTalks. His work has been published by TechCrunch, VentureBeat, the Next Web, PC Magazine, Huffington Post, and Motherboard, among others.