Right, Facebook. The one and only, which 2 billion or so people (ok, 1.86 billion) have a love/hate relationship with, or in Facebook lingo: it is complicated. I guess I could write articles on if you should be using Facebook at all, along with any of the big name services out there (Google, Yahoo, Microsoft etc), but as I say, that is probably another set of articles altogether, concerning privacy etc.

For now we can concentrate on the fact that many people around the globe indeed are using it, and far too few have bothered with setting it up in a way that is secure enough. Come to think of it, I probably will write another article on how to sort out the settings for privacy as well, later, but for now, let’s concentrate on enabling Two Factor Authentication within Facebook.

From the beginning of Facebook there wasn’t Two Factor Authentication there at all, then they added Two Factor Authentication via their own Facebook app. Having it enabled meant that if you logged in from a new place you hadn’t logged in from before, you had to open your mobile phone app and look at the generated code which the app provided. It worked, but felt a little bit clunky.

Facebook options for Two Factor Authentication

However, as time has passed, and Facebook (and others) and their users have been targets for account hacking, Facebook has really upped its game when it comes to Two Factor Authentication. There is no longer any good reason to not have it enabled, in one form or another. Let’s start with looking at where you should go: Settings -> Security and login. If you are logged in to Facebook already, you can click that link and you’ll get to the correct place. That should give you a view like this, where I’ve highlighted the important bits:

As you can see I have my “Use two-factor authentication” set to “On”. If you don’t, this is the time to change it. Click “edit”. That should fold out some more options that look something like this (yes, my phone number is masked):

Here you basically pick your option. Start by turning it “On” and perhaps learn more about Two Factor Authentication on the “Learn More” link.

Add your phone number

You can actually have several options enabled. I would definitely recommend you add your phone number as a backup (if you don’t mind sharing your phone number with Facebook that is). Doing that looks like this:

You can add your Yubikey

For those of you that have read my previous articles on increasing security in general, you’ll see Facebook now also offers support for Yubikey, which looks like this:

I have to admit though, this is one service where I haven’t added my Yubikey, mainly as I use Facebook as much from my mobile devices (which can’t take the Yubikey) as I do with my desktop computers (which obviously can), as I can foresee there could be some logical barriers where I’ll be sitting there swearing.

Add Google Authenticator

Since they introduced it I’ve used the mobile Facebook app code generator though, which I’ve also been swearing a bit over as they have made it overly complicated to get to, but I was really pleased when I noticed they added “third-party apps” for code generation too. Like Google Authenticator (see previous article). Adding Google Authenticator looks like this, where you have to scan a QR code etc:


Finally, if you have a printer and a safe space to store printed paper, you should really make sure you generate the “recovery codes”, which basically are 10 different one-time codes. When you’ve used one it can’t be used again. For obvious reasons I don’t want to show you what mine look like.

Given how much personal information most people have on Facebook, not enabling Two Factor Authentication is almost like playing with fire. Also remember, if someone gets access to your account they also get access to lots of details of your friends. Do yourself and your friends a favour: enable Two Factor Authentication. And stop doing all those silly polls on Facebook, as they basically are giving away your, and your friends’, details for free only to teach you that “Pidgeon” is your true bird, or that your soul age is 53. They cost a lot more than the perceived joy they give back.

