Threat Level: green Handler on Duty: Rob VandenBrink

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Facebook goes two-factor

Published: 2011-05-22
Last Updated: 2011-05-22 19:34:37 UTC
by Kevin Shortt (Version: 1)
6 comment(s)

Facebook is now offering a new feature called "Login Approvals".   I call it part-time two-factor authentication mechanism.  Andrew Song of Facebook states:  "Login approvals is a Two Factor Authentication system that requires you to enter a code we send to your mobile phone via text message whenever you log into Facebook from a new or unrecognized computer." [1]

I have downgraded it to "part-time" because once you have approved the browser instance you are using to login to daily, it does not require execution of the second authentication until you have removed it from the list.  I clarify "browser" because you will be forced to re-auth from a different browser.  

On the upside however, it is an easy and ubiquitous solution that many people are inclined to incorporate in order to protect their Facebook account.  "Login Approvals" can be turned on in the "Account Security" section on the Settings tab of your Facebook Account Settings.

[1] https://www.facebook.com/note.php?note_id=10150172618258920


Kevin Shortt
--
ISC Handler on Duty

6 comment(s)
Diary Archives