Facebook Login Approvals, Optional Two-Factor Authentication
Facebook began to roll out a two-factor authentication system designed to protect user accounts from unauthorized access in 2011.
Two-Factor authentication is designed to add a second layer of authentication to the login process to better protect accounts. There are two main types of systems in use right now: systems that send codes to user devices whenever a sign-in process is started, and systems that use code generators on user devices. Facebook supports both of these options.
PayPal for instance is offering VeriSign ID Protection devices that act as a second layer of authentication. Google recently introduced two-step verification for Google accounts as well.
Facebook Two-Factor Authentication
The company confirmed on the official Facebook blog that the feature has been rolled out to all Facebook users. Every Facebook user has now the option to enable two factor authentication on Facebook.
The protection was called Facebook Login Approvals previously but is now called Two-Factor Authentication instead.
Facebook users can enable the new security feature by opening the new 2FA page on Facebook. Users who prefer to go there manually need to click on the down-arrow icon and then on Settings > Security and Login > Use two-factor authentication.
A click on "turn on" launches a wizard that guides the user through the activation of the new feature.
Note that you either need to link a phone to your account or use an authentication app instead. Facebook offers both options and you can use either one to get or generate codes to sign-in to the Facebook account.
Setup itself is very straightforward and should not pose any issues even to users who never set up two-factor authentication systems before.
Login Approvals work in the following way
You link a mobile phone number to your Facebook account. This mobile phone number receives a code via test message whenever someone with the correct username and password tries to log in from an unauthorized computer.
Or, and that is the second option, you use a supported authentication app to generate the codes directly on your devices.
Either way, the code is only needed when sign-ins are recognized from a device that is unknown to Facebook (in other words, has not been used before or has been cleaned recently).
Attackers would need to have access to the generated code to log in to the Facebook account.
The two-factor authentication code is requested in the following scenarios:
- Whenever you sign-in to Facebook on a new device or using a new web browser.
- When someone else uses an unknown device or browser to sign-in using the correct login username and password.
- After you have cleared browsing data.
Facebook users will furthermore be notified of log in attempts from unauthorized computer systems. An unsuccessful attempt usually means that someone else is in possession of a user's Facebook username and password. Users get options to change their account password right away to protect their account further.
Back to the configuration. Codes are currently only send to mobile phones via SMS or generated by authentication apps such as Google Authenticator; this means that you need access to a mobile device to configure Facebook's two-factor authentication system.
Users who have not done that already are asked to add a mobile phone number to their account to complete the Login Approvals setup.
It is afterward necessary to confirm the link by entering a code that is sent to it by Facebook. The mobile phone number and Facebook account are from that moment on linked.
What happens if you lose your phone? You still have the option to log in from computer systems that have been authorized previously. You may also set up recovery codes on the Facebook site to access your account if you don't have access to your phone, or use security keys that support the Universal 2nd Factor (U2F) standard.
Facebook users who want to add an extra layer of protection to their account should consider enabling login approvals.
Unfortunately, it doesn’t appear to work with Google Voice
DO NOT USE THE FB APPROVAL SYSTEM!!! It has had me locked out of my account AND my business account for four days now!! The system does not work! It would not save my computer as a home device so I deleted my number thinking that would shut it off…. well it doesnt. Instead it makes you completely stuck because log in approvals are still on BUT my number is not in there to send me a code. soooo now I’m unable to get on my FB or my business page which is REALLY taking a hit because of this. I’ve reported the bug repeatedly and emailed the FB team over and over again and have not recieved anything except one automated message that said “We cannot offer support for this issue”
DO NOT USE LOG IN APPROVALS!
Instead of deleting your number thinking it would turn it off, why didn’t you just turn it off properly by unchecking “Require me to enter a security code sent to my phone”?
Iv been havin this problem for bout 5months now and fb don’t get back to you and still can’t get on
i am the same! ive been logged out weeks now, is there a way to fix it ?
Andrea I wish I’d seen your message about this before I opted for approved logins…. Exactly the same has happened to me. Have you been able to get back on yours now?
thank god for not blocking my account it only was disactivated
I too can no longer log into my account because this system is not working, I been trying to find a solution but I have had not feedback what so ever from Facebook, and I confirmed that other services that use functions like this do work.
Michael, I was locked out for a week but managed rto get back in my addind a new email address onto my facebook (you can do this if you remember your security question and answer from when you first registered. It takes 24hours for you to be able to regain access, it then allows you to log in, and add a new mobile number (I used a friends) and got the security code phoned through to me, I was then able to get back in! Good luck, hope this helps!
Hannah,how can I add a new E mail onto my account?
sir,my account is deactivate bcoz i lost my mobile and ow i can”t get security code and i also an”t add reconized device to active my account please tell me what can i do ?there is no rplyy from facebooki too can no longer log into my account because this system is not working, I been trying to find a solution but I have had not feedback what so ever from Facebook, and I confirmed that other services that use functions like this do work
I’ve sign up for a login approval but I’ve lost my phone and I don’t have a recognized device. What will I do? Help me! I’ve locked out for four months :( email me here [email protected] if there’s a solution thank u!!
let me know if u hear a reply i am in the same situation!!
i am a user of facebook.i have been facing problem to get my login approval code on my mobile for last 2days.i tried many resends of the approval code but did not receive it.neither Facebook admin did not reply my issue neither they responded via anyemail regarding the issue.can any body tell my how to access my code or facebook account without code.
U need to file a report.. Then u need to submit gov. I’d like passport..then wait for Facebook reply:) be patient :)
but how if the code is sent to a number which is no longer being used? how can i do that?
I sent my ids and citizensip photos also but dint got any reply
The mobile number registered in my account is inactive , so when
Facebook does security check and sends the security code in my mobile number I couldnâ€™t get it , so how am I going to change my mobile number ? Coz I couldnâ€™t log in because of security check procedures?
I think it could be a good idea if Facebook develops its own Two Factor Authentication app for smart phones – Similar to the Google Authenticator App available for iPhones at the iTunes store. That way, the authentication tokens are created on the the smart phone locally – Instead of relying exclusevely in their SMS Gateaway which may become unstable, as well as the Mobile network of the users. The smart phones could even be out of celular network reach but as long as it has battery it can still serve authentication tokens through the app itself.
security code mobile face
What is up?
I am having the same problem? So why hasn’t anyone correctly answered this question? Why can’t we turn login approvals off? And why does fb totally ignore our emails? I’ve been off for 4 days and slao deleted fb from my phone thinking that would help but no . so now I cant even login from my mobile phone. Can anyone please help???? Thank you in advance.
Same thing happened here – after repeated attempts to enter codes & such .. They will not reactivate any of my devices or help me log in to do so. The multi zillion $ co does nothing to help in this area to the people who are actively helping keep it up & running . Very sad.
Its been four days now and no response !! Piss poor effort FB
Its been four days now and no response !! Poor effort FB
same problem. any links ?
lol. i think the login approval will be the perfect security, but its worse. lolz
I have been going out of my mind for over a week, I have sent numerous reports to facebook and yet they havent bothered. Aspam post (not intended as spam as it was my best friend who commented on my post)posted on my wall 545 times these 545 message posts were also pinging my phone , i panicked and quickly unlinked my phone from facebook when i then tried to log in later that day and it said i dont have phone linked to account therefore they cannot send login approval code!!!! I tried all sorts tried all their ‘help’ pages’ even sent my government photo id and they arseholes still blank me arghhhh . I then tried a different email account and was told (via automated screen message) my account would be active after 24 hours-was it hell!!! i counted down the last 30 minutes then tried to logg in and it sent me right back to where i started still no facebook retrieval. This is outrageous, reading that this is a very common problem, the amount of bloody money the company have, you’d think they would have sorted it out. I dont know what to do ? Has anyone had any joy yet.
48 hours gone without accessing my facebook. I really wish i hadn’t turn this crap on.
Everytime i try, they send the code but it’s not working. Somebody help.!! :(
i am from india. In my account, login approvals setting is not found on security page. What can i do??
You need to have entered a mobile phone number on Facebook. Did you do so?
i have added 3 phone numbers sir..
I lost my phone.I can’t login approval code.Please sent me approval code in this emai.I am real owner.Thanks you.