Facebook expands support for two-factor authentication security keys to mobile devices
Facebook has announced it’s expanding support of security keys for two-factor authentication (2FA) to mobile devices. The social media giant has offered the same support on desktop since 2017.
Two-factor authentication is one of the best ways to protect your online account from being hacked. Typically, this is done by entering your password and then entering a code, delivered either via SMS or generated by an Authenticator app. Using a two-factor method makes it difficult for bad actors to obtain both sets of information, thus providing users with improved security.
A physical security key, which can be small enough to fit on a keychain, is considered one of the most secure ways to keep your information protected. Codes that are generated by Authenticator apps or delivered via SMS can sometimes leave users vulnerable.
“We strongly recommend that everyone considers using physical security keys to increase the security of their accounts, no matter what device they use,” Facebook said.
Typically, hardware security keys are used by people who are at a high risk of being targeted, including politicians, public figures, journalists, and human rights defenders. But it’s good practice for everyone to take similar security measures, whether it’s for a social media account, bank account, or email. Even if your password is leaked, using two-factor authentication can still protect your account, especially if it’s a security key that’s with you at all times.
There are a variety of security keys on the market, including options that are made by Google called Titan. Titan is offered in a few different configurations, including USB-A/NFC, Bluetooth/NFC/USB, and USB-C.
Facebook users can enroll their security key in two-factor authentication within the Security and Login section of Settings. If you don’t opt for a physical security key for two-factor authentication, you should absolutely use an Authenticator app. Microsoft, Google, and many other services, including 1Password, offer Authenticator options.