Facebook to require users at risk of being hacked to enable 2FA

The rule will apply primarily to members of Facebook Protect, a program designed to offer extra security to at-risk accounts

Meta’s Facebook social media platform will soon require users at risk of being hacked, such as human rights activists, politicians and journalists, to enable two-factor authentication (2FA).

As reported by Engadget, the move comes as part of an update to Facebook’s ‘Protect‘ program, which was designed to offer extra security to at-risk accounts. The Protect program will require participants to turn on 2FA, with U.S. members needing to do so by mid or late February. Presumably, people in other countries will also have a deadline to enable 2FA depending on when Protect rolls out to them.

Facebook told Engadget that it worked to make 2Fa enrollment “as frictionless as possible.” While Facebook is aware it’ll take time for all users to comply with the rule, it seems pleased with results so far.

“So far, it’s actually going very, very well we’re seeing well above 90% of people successfully enabling ahead of that mandatory period,” Meta’s head of security policy, Nathaniel Gleicher, said. Moreover, Gleicher told Engadget that over 1.5 million users enrolled in the program so far, and 950,000 have switched on 2FA. Still, 2FA remains an underutilized security feature on Facebook — only 4 percent of the platform’s monthly active users have it enabled.

2FA, for those not familiar with the term, refers to various secondary methods of authentication for online accounts. If you’ve ever tried to log in to an online account and been asked to type in a code sent to you by email or text message, you’ve used a variant of 2FA. When coupled with a strong password, 2FA can help make online accounts more secure since a hacker would need both your password and a secondary, typically temporary, authentication.

That said, 2FA isn’t perfect. Malicious actors have started using attacks like SIM swapping to gain access to victims’ phone numbers and intercept 2FA codes. Because of this, using a smartphone app or a security key to handle 2FA instead of relying on SMS or email to receive 2FA codes is more secure.

Facebook first started testing Protect in 2018, then offered it to U.S. politicians ahead of the 2020 election. Since then, Facebook has expanded the program and is on track to make it available in over 50 countries by the end of 2021, including the U.S. and India.

You can learn more about Facebook Protect here.

Source: Engadget

MobileSyrup may earn a commission from purchases made via our links, which helps fund the journalism we provide free on our website. These links do not influence our editorial content. Support us here.

Related Articles