Startups Technology

Facebook introduces security keys for enhanced account protection

27 Jan, 2017


Social networking giant Facebook Inc., on Thursday introduced an additional option for account protection. Users can now register a USB-based physical key to their accounts, thus allowing them to login via a small hardware, Brad Hill, a security engineer at Facebook said in a blog post.

Most users access their accounts via two-factor authentication, which requires them to input a security code in addition to a password. The security code is sent via SMS text message or via the Facebook app.

With the new security key, users do not need to generate a code via text message. Instead, they would need to purchase a UBS-powered security key manufactured by companies like Yubico. The security firm's proprietary YubiKey can be inserted in a desktop, laptop or mobile device and users can generate a code from the device. The YubiKey supports U2F, Universal 2nd Factor, an open authentication standard developed by Google and Yubico which allows users to securely access services on a single device. U2F has been adopted by companies such as Dropbox, Salesforce, Gmail, and even the UK government.

Presently, U2F is supported by the FIDO Alliance, an open-authentication industry consortium.

However, the physical security keys for Facebook logins currently only work on certain web browsers like the latest version of Chrome or Opera, and the NFC-enabled Android devices. The Facebook mobile app doesn't support security key logins.