Disqus for Cyber Fort

Thursday, 25 July 2013

Pin It

Widgets

Apply Two Passwords to your Facebook Profile

Account hijacking is a big problem on Facebook, where attackers figure out your passwords and take over your account. While you should always select strong and unique passwords for each online account you have, it is increasingly clear that just relying on a password is not enough security. This is where two-factor authentication comes in.


There are three generally recognized factors for authentication: something you know (such as a password), something you have (such as a hardware token or cell phone), and something you are (such as your fingerprint). Two-factor means the system is using two of these options, and the most common combination is the password and a one-time code sent to a cell phone. This means the attacker needs more than just your email address and password to break in.


Facebook offers Login Approvals, its version of two-factor authentication, to protect users from takeover attempts. The one-time password is generated on the Facebook mobile app for Android and iOS devices or sent via SMS message to other phones.

Here is how to turn it on

Click on the gear icon on the top right corner of the page, and select "Account Settings" from the drop-down menu. When you click on "Security," you will see several settings, including "Login Approvals." Clicking on the option opens up a checkbox, "Require a security code to access my account from unknown browsers."
Facebook will walk you through the process step-by-step, explaining how to receive the security code on your mobile device and where to type it in during the login process.
While you can choose to receive SMS messages to your phone, Android and iOS users can use the "Code Generator" feature on the Facebook mobile app to generate the codes.

Only for Unknown Devices

Login Approvals prompts the user to enter that security code only when the login attempt is from an unrecognized device. If someone tries to log in from somewhere else, that person will need to have your phone to see the security code. If someone stole your laptop, you are out of luck because Facebook recognizes the device.
Let me rephrase that. If the attacker in a different city uses his or her own computer to log in to my account. Even if the browser is the same, because the computer itself is unknown, Login Approvals would block the attempt. But if I lose my phone or my laptop, then the thief could gain access to my account.
Even so, enabling Login Approvals is a good idea in most cases because it adds an extra layer of security. In general, if you have multiple defenses in place, attackers will just give up and find an easier victim.

If you like this post, please like us... 


1 comments :

Unknown said...

well this is good for enableing ywo password for facebook....