Careful not to make the same mistake that other companies have committed amid recent hacking trends, Facebook has introduced a new security feature to protect its users from unauthorized access to their accounts.
This involves a security key that serves as the second factor to the Facebook login process. The overall concept is similar to the two-factor authentication method offered by email services such as Gmail.
It is an additional layer of security required to access an account aside from the user name and password.
Two-Factor Concept
In the conventional two-step process, a verification code is sent to the user's phone. The code is then entered into the login panel to open the account.
The process is a bit roundabout, requiring you to trigger the verification code and wait around before the SMS message arrives. In addition, it could still entail risk since hackers can intercept the message while in transit by resetting the user's SIM.
Security Hardware
Facebook's new solution is easier and more convenient. This is because the security is a physical hardware that the user carries with him. To use it, the key only needs to be plugged in to a USB port when the Facebook login prompt requires the extra proof of identity.
What is also quite interesting is the way a security key can unlock other accounts that support the same security verification. For example, if you own the one manufactured by Yubico, you can also use it to log in to Google and DropBox.
Pitfalls
Experts tout that the security key is very effective and, thus, necessary for those constantly in state of fear about getting hacked.
"If you use a security key, you're pretty much completely immune to any kind of attack like phishing," Brad Hill, a security engineer at Facebook said in a Fortune report.
According to Hill, Facebook engineers are already using this authentication method for some time.
There are, however, some drawbacks and these include its incompatibility with most mobile device. The best option for mobile users involves the purchase of keys supporting NFC-capable devices that can authenticate user identity on the go.
There is also the issue of lost and stolen keys. Key recovery is said to be more complicated than resetting your password.
However, if you are not concerned about any of these things and would like to try the new authentication option, you can activate it at the Security Settings accessed through the Privacy shortcuts.
If you head to Login Approvals, you will find the Security Keys option together with other two-factor authentication methods such as SMS and Code Generator.