- Ohio KKK rally met with massive counter-protest and witty signs from local businesses Saturday 5:06 PM
- Guy who said he stole drugs from MS-13 now says viral story is fake Saturday 4:07 PM
- Financial service company left 885 million private records exposed online Saturday 3:13 PM
- Sasha Obama went to prom and Twitter is delighted with the photos Saturday 2:22 PM
- Jon Voight says Trump is the greatest president since Lincoln in Twitter videos Saturday 1:31 PM
- #DeleteFacebook gains momentum after the platform refused to remove doctored Nancy Pelosi videos Saturday 11:58 AM
- ‘Game of Thrones’ failed women—and it’s a shame on its legacy Saturday 7:40 AM
- How to use Tor, the network that lets you browse the web anonymously Saturday 7:30 AM
- How to live stream Devin Haney vs. Antonio Moran on DAZN Saturday 7:00 AM
- Trump’s transphobic policies are disgusting—but they aren’t new Saturday 6:30 AM
- How to watch the Copa del Rey Final online for free Saturday 5:45 AM
- How to watch the DFB-Pokal final for free Saturday 5:30 AM
- Curvy Wife Guy drops music video for rap song ‘Chubby Sexy’ Friday 7:33 PM
- A ‘Black Mirror’-inspired miniseries is coming to YouTube via Netflix Latin America Friday 5:56 PM
- Kanye West appears on David Letterman’s Netflix show to talk Trump, TMZ, and Drake Friday 3:27 PM
It just got a lot easier to keep hackers and snoops out of your Facebook account.
If you’re worried about hackers taking over your Facebook account, you’ll be heartened to hear that as of this week, Facebook has added support for USB key two-factor authentication to improve account security.
Two-factor authentication (called “2FA” by cybersecurity nerds) requires an extra token in addition to your password to prove your identity when logging into online services. This prevents someone with your password to access your account. Previously, Facebook supported SMS and app-based 2FA, which prompt you to type in a number sent to your phone.
Physical 2FA replaces numbers with a USB key you plug into your PC or Mac. In addition to providing a more user-friendly experience, USB keys are also more secure than mobile apps and SMS because they’re immune to phishing and man-in-the-middle attacks, two common kinds of attacks used by hackers.
Other services such as Dropbox, Google, GitHub, and Salesforce have been supporting USB keys for years. If you’ve been using a YubiKey or any other stick employing the U2F standard to secure those accounts, you can use the same key for your Facebook account. If you’re reading this, however, you’re probably just getting started in 2FA. Here’s what you need to know.
How to enable USB key authentication on Facebook
Here are the steps to enable USB key authentication on your Facebook account:
1) Go to the Security settings page and expand the Logins Approval section.
2) In the Security Keys section, click the Add Key link and the Add Key button in the dialog that appears.
3) When the prompt appears, plug in your USB key and tap its button when its light starts blinking.
4) Once your key has been added, you’ll be prompted to re-enter your password to confirm the addition and to select a name to represent the physical key.
5) When the process is completed, your newly added key will be visible under the Security Keys section.
If you’re not used to physical authentication keys, here are a few good practices:
Have backups keys: Just like everything else that fits in your pocket, keys can get lost (or possibly stolen). Therefore, you should have backup keys. Facebook’s security settings allow you to add multiple keys and to remove lost or broken ones.
Have backup methods: For the moment, only the Facebook desktop website supports USB authentication, and the mobile website supports NFC-based keys such as the YubiKey Neo. Facebook’s mobile apps do not support physical keys yet. Therefore, you should still keep your app or SMS authentication enabled as a backup method.
Facebook’s USB authentication is not mandatory, but it is a welcomed move, as cybercriminals are targeting social media platforms at an accelerating pace. Hopefully, other social media services will follow suit and enable privacy-conscious users to breathe a sigh of relief.
Ben Dickson is a software engineer and founder of TechTalks. His work has been published by TechCrunch, VentureBeat, the Next Web, PC Magazine, Huffington Post, and Motherboard, among others.