Facebook is adding a new feature that will help protect users from getting their accounts compromised.
Users can now use a security key to authenticate their identity during the login process. If you use a security key, hackers won’t be able to get into your Facebook account, even if they have your username and password.
Tech crunch reports that Users are only required to enter their username and password, then the site they’re logging in to responds by texting them verification code. The user enters the verification code, proving that he or she is the proper user of the account, and not a hacker logging in with a stolen password.
Brad Hill, a security engineer at Facebook, says it was easy for the company to roll out the feature because it was already used in-house by the engineering staff for logging in to internal systems. It was simply a matter of extending the feature to Facebook’s users.
“We don’t consider two-factor a mandatory thing,” Hill explains. “We see account security as our responsibility regardless of technologies you choose to use. For people who want to stay in control, this would be a good choice for someone who wants to stay ahead of even the most advanced attacks.”
Unfortunately, there’s not a great way to integrate security keys with most mobile devices yet. When logging into their Facebook accounts on mobile, most users will still have to go through the regular old two-factor SMS process (Facebook also lets users generate their verification code through the Facebook app).