Why trust Greenbothear a lot about 2-factor authentication these days, an invaluable way to protect your account from someone who has stolen your password, but there’s an inherent wrinkle built into the system: SMS. Most 2FA setups use text messages to deliver a one-time code sent to your phone, but there can be issues with that system. For one, it requires a cell connection, for another texts can be intercepted.
ed, this is a small window of opportunity for hackers, but Facebook wants to close it all the way. To secure accounts even further, it has begun rolling out support for security keys into its account login protection, eliminating SMS from the equation letting users lock down their accounts with a fast, foolproof 2FA method. And for Android users with one of the newer NFC-capable phones, it’s even easier.
“Starting today, you can register a physical security key to your account so that the next time you log in after enabling login approvals, you’ll simply tap a small hardware device that goes in the B drive of your computer,” Facebook security engineer Hill wrote in a post. “Your login is practically immune to phishing because you don’t have to enter a code yourself, the hardware provides cryptographic proof that it’s in your machine.”
Facebook If you have an NFC-equipped Android phone, you can use a YubiKey Neo to instantly authenticate your Facebook account.
Since it’s a new feature, it only works with the latest version of Chrome or Opera on a , isn’t yet supported by the mobile Facebook app. However, as xHill writes, if you have an NFC chip in your Android phone, you can download the latest version of Chrome Authenticator in the ay Store to use your key to wirelessly unlock your account.
Yubico’s security keys start at $18, but the NFC-equipped Yubikey Neo costs $50. However, they aren’t just useful for Facebook. Security keys work with a variety of accounts, including , Dropbox, GitHub, though the implementation may vary, especially over NFC.
The impact on you at home: Securing online accounts should be a top priority for anyone who posts shares personal information over social media or email (which is pretty much everyone), but far too few people underst just how important it is. ile it’s unlikely that this method will have an immediate measurable effect on Facebook users, it’s a glimpse at how serious the social media giant is about security, how two-factor authentication could become much more commonplace in the future.
