14 April 21, 06:28
Quote:
Setting up 2FA gives you the peace of mind knowing that your accounts are secure
Earlier this month, our team wrote about the latest Facebook data breach and offered suggestions on how to improve your account security. Let's now walk through the steps you can take to enable two-factor authentication on your accounts.
Unfortunately, Facebook (and Google) don’t make authentication particularly easy. And to make matters worse, both companies have the habit of changing their menu options to confound even those who have done it previously.
My recommendation is to use a web browser, rather than mobile apps, for these activities. This is because you’ll want the additional screen real estate and some of the options are more difficult to find in mobile apps.
Adding authenticators to your Facebook account
Start by clicking on your name in the upper right of the screen and go to the three horizontal dots next to the 'Edit Profile' box. Select 'Profile and Tagging Settings' then 'Security and Login' from the left-hand menu options. You should see a list of where you're currently logged in — if you don’t recognize the location or the operating systems listed, there's a three dot menu which you can select to log out of that session.
This is a good time to change your account password, and make sure you choose something unique, as Facebook says on the settings page.
The next section is where you set up your additional authentication factors. Facebook breaks this down into three subsections: one to enable 2FA, another where you can review devices that don’t require any login codes (you should check the 'View' option and then turn this feature off), and a section where you can enable your Facebook login credentials to log in to particular apps. (I would also recommend not doing this.)
Click the 2FA 'Edit' button and you'll be asked to re-enter your Facebook password. Once you turn on the 2FA option, the next screen gives you two options.
The first method is adding a smartphone authenticator app, such as Google Authenticator, Duo, Authy, or any of the others. When selecting this method, you'll see a screen that displays a QR code — bring up the app on your phone, add a new login, and take a photo of the QR code to add Facebook to the list of places that can use this login method. When it's time to log in, you'll bring up the app on your phone, locate the line for Facebook and enter the six-digit code that is displayed into the login box on your web browser. (The code changes every 30 seconds, so make sure you have the time to enter it correctly!)
The second option is to use a hardware security key, such as the Google Titan or one of the Yubico keys. You may wonder why anyone would go with this option over using an authenticator app. It's due to the fact that security keys are the absolute best security you can have for your account, but it does mean you have to carry around the physical key if you want to access your account from a new device. If you do go this route, I recommend getting at least two keys and keeping them in different locations (such as your car and your home). When enabling 2FA, choose to add a new key — you'll be prompted to insert it into your USB port and then press the button to transmit the key and register the device.
Below these options is another section where you can add your phone number as a backup method. Sadly, you can’t turn this off.
Earlier, I mentioned not using your Facebook login for any other places. If you go back to the main settings menu and scroll down to the 'Apps and Websites' section, you’ll see another series of options. You want to ensure that the 'Apps, Websites and Games' section is turned off. This will prevent you from playing any Facebook Gameroom games or sharing your Facebook comments on other websites. If this is a big deal for you, understand you are accepting some additional risks. If you have a lot of apps that are listed, you have to revoke their access individually.
Facebook also warns you that when you revoke access, you might have some residue of your data on the third-party site. However, it also provides some helpful information about when this site accessed your data and other details that can show you exactly what has been collected from the account.
...