I must admit that this type of security mechanisms I associate rather with online banking than social networking. It is true that attack on Facebook account for many people can be as severe as hacking into their bank account. Although the loss will not be financial, but we put on social networks a lot of things that are not for everyone. Facebook can also be used to log on to other services, so this kind of burglary can have very serious consequences.

Two-step authentication is very safe option, but not perfect. Hackers can for example prepare a fake site, which in addition to user name and password, will ask also about the one-time code sent via SMS. Therefore, Facebook has prepared a new way to protect our accounts. You can already take advantage of the additional step of authentication that requires a security USB key. This only looks like an ordinary USB flash drive.

Facebook U2F

Facebook supports USB keys compliant U2F (FIDO Universal 2nd Factor).

The principle is very simple. When you log on to your account, you will be required to connect to the computer’s USB port the special security key. As a result, your account will be protected from attacks based on phishing (i.e. fabricated websites) and man-in-the-middle techniques (i.e. interception send packets). It is also virtually impossible to clone such a key. Therefore, the only effective attack on account protected by U2F key requires physical intervention. So someone has to simply steal this key from us.

The new mechanism is only supported by Chrome and Opera.

Unfortunately, not all browsers support U2F mechanism. Therefore, if you want to take advantage of a new way of securing the Facebook account, you must install the latest version of Chrome or Opera. Mozilla is currently working on the implementation of this standard in its Firefox browser. Microsoft also has mentioned something about this, but so far the Edge does not support U2F. Currently, the new security method only works with the browse version of Facebook service. Mobile application does not support it yet. However, U2F works with mobile version of Facebook website. Therefore, holders of Android phones that support NFC, may authorize by a U2F key with NFC module.

Facebook U2F

The prices of this type of keys start at $18. The single device can be used to protect Facebook, Dropbox, Google account, and others. Large IT corporation are interested in this standard, including: Google, Microsoft, Samsung, PayPal, American Express, MasterCard, VISA, and Intel.

Source: Facebook

Share This: