Facebook Login Approvals, Optional Two-Factor Authentication

Facebook about a month ago began to roll out a two-factor authentication system designed to protect user accounts from unauthorized access. Two-Factor authentication is designed to add a second form of authentication to the login process, usually in form of a code that is send to the user.

PayPal for instance is offering VeriSign ID Protection devices that act as a second layer of authentication. Google recently introduced two-step verification for Google accounts as well.

The company confirmed today on the official Facebook blog that the feature has been rolled out to all Facebook users. Every Facebook user has now the option to enable two factor authentication on Facebook. The protection is called Facebook Login Approvals, and designed to add a second layer of protection to the log in process on the social networking site.

Facebook users can enable the new security feature under Account > Account Settings > Account Security.

facebook login approvals

This launches a wizard that guides the user through the activation of the security service. Login Approvals works in the following way:

You link a mobile phone number to your Facebook account. This mobile phone number receives a code via SMS whenever someone with the correct username and password tries to log in from an unauthorized computer.

login approvals



This means that you do not get a code when you log in from your home computer. Attackers do not get to see the code either when they do not enter the right login credentials.

The only two scenarios where the code is displayed are unauthorized login attemps by attackers who have your username and password, and first time log ins on new computer systems or devices.

Read also:  Microsoft Account Credentials Leak vulnerability

Facebook users will furthermore be notified of log in attempts from unauthorized computer systems. An unsuccessful attempt usually means that someone else is in possession of a user's Facebook username and password. Users get options to change their account password right away to protect their account further.

Back to the configuration. Codes are currently only send to mobile phones via SMS. This means that you need to add at least one mobile phone number to your Facebook account.

Users who have not done that already are asked to add a mobile phone number to their account to complete the Login Approvals setup.

confirm your phone

It is afterwards necessary to confirm the phone by entering a code that is send to it by Facebook. The mobile phone number and Facebook account are from that moment on linked.

What happens if you lose your phone? You still have the option to log in from computer systems that have been authorized previously.

Facebook users who want to add an extra layer of protection to their account should consider enabling login approvals. Some users may not want to add a mobile phone number to their Facebook account on the other hand. There is unfortunately no way around this currently if you want to make use of Login Approvals. (via Loginhelper.com Facebook Login Approvals)

Please share this article

Facebooktwittergoogle_plusredditlinkedinmail



Responses to Facebook Login Approvals, Optional Two-Factor Authentication

  1. David BUllock May 14, 2011 at 1:35 am #

    Unfortunately, it doesn't appear to work with Google Voice

    - Dave

  2. Andrea May 25, 2011 at 2:08 am #

    DO NOT USE THE FB APPROVAL SYSTEM!!! It has had me locked out of my account AND my business account for four days now!! The system does not work! It would not save my computer as a home device so I deleted my number thinking that would shut it off.... well it doesnt. Instead it makes you completely stuck because log in approvals are still on BUT my number is not in there to send me a code. soooo now I'm unable to get on my FB or my business page which is REALLY taking a hit because of this. I've reported the bug repeatedly and emailed the FB team over and over again and have not recieved anything except one automated message that said "We cannot offer support for this issue"

    DO NOT USE LOG IN APPROVALS!

    • anonGHacks August 19, 2011 at 3:37 am #

      Instead of deleting your number thinking it would turn it off, why didn't you just turn it off properly by unchecking "Require me to enter a security code sent to my phone"?

      • stacey January 27, 2013 at 10:55 pm #

        Iv been havin this problem for bout 5months now and fb don't get back to you and still can't get on

    • kammy October 21, 2012 at 4:20 pm #

      i am the same! ive been logged out weeks now, is there a way to fix it ?

  3. Hannah May 30, 2011 at 11:25 pm #

    Andrea I wish I'd seen your message about this before I opted for approved logins.... Exactly the same has happened to me. Have you been able to get back on yours now?

  4. Rajesh June 10, 2011 at 5:20 pm #

    thank god for not blocking my account it only was disactivated

  5. Michael June 14, 2011 at 10:47 pm #

    I too can no longer log into my account because this system is not working, I been trying to find a solution but I have had not feedback what so ever from Facebook, and I confirmed that other services that use functions like this do work.

    • hannah June 14, 2011 at 10:56 pm #

      Michael, I was locked out for a week but managed rto get back in my addind a new email address onto my facebook (you can do this if you remember your security question and answer from when you first registered. It takes 24hours for you to be able to regain access, it then allows you to log in, and add a new mobile number (I used a friends) and got the security code phoned through to me, I was then able to get back in! Good luck, hope this helps!

      • Olia June 23, 2011 at 7:22 pm #

        Hannah,how can I add a new E mail onto my account?

  6. Babar khan August 28, 2011 at 10:33 pm #

    dear,
    sir,my account is deactivate bcoz i lost my mobile and ow i can"t get security code and i also an"t add reconized device to active my account please tell me what can i do ?there is no rplyy from facebooki too can no longer log into my account because this system is not working, I been trying to find a solution but I have had not feedback what so ever from Facebook, and I confirmed that other services that use functions like this do work
    [email protected]

    • kammy October 22, 2012 at 6:16 pm #

      let me know if u hear a reply i am in the same situation!!

  7. masab gondal December 4, 2011 at 12:34 pm #

    hi,
    i am a user of facebook.i have been facing problem to get my login approval code on my mobile for last 2days.i tried many resends of the approval code but did not receive it.neither Facebook admin did not reply my issue neither they responded via anyemail regarding the issue.can any body tell my how to access my code or facebook account without code.
    thnx

    • Julie December 5, 2011 at 10:45 am #

      U need to file a report.. Then u need to submit gov. I'd like passport..then wait for Facebook reply:) be patient :)

      • fAirr December 18, 2011 at 6:23 am #

        but how if the code is sent to a number which is no longer being used? how can i do that?

  8. R.Aditya Srikanth December 23, 2011 at 4:44 pm #

    The mobile number registered in my account is inactive , so when
    Facebook does security check and sends the security code in my mobile number I couldn’t get it , so how am I going to change my mobile number ? Coz I couldn’t log in because of security check procedures?

  9. Monster January 19, 2012 at 7:54 am #

    I think it could be a good idea if Facebook develops its own Two Factor Authentication app for smart phones - Similar to the Google Authenticator App available for iPhones at the iTunes store. That way, the authentication tokens are created on the the smart phone locally - Instead of relying exclusevely in their SMS Gateaway which may become unstable, as well as the Mobile network of the users. The smart phones could even be out of celular network reach but as long as it has battery it can still serve authentication tokens through the app itself.

  10. milos February 1, 2012 at 9:55 pm #

    security code mobile face

  11. Anita March 6, 2012 at 5:34 am #

    What is up?

  12. Sharon Stephens Hicks March 26, 2012 at 5:00 pm #

    I am having the same problem? So why hasn't anyone correctly answered this question? Why can't we turn login approvals off? And why does fb totally ignore our emails? I've been off for 4 days and slao deleted fb from my phone thinking that would help but no . so now I cant even login from my mobile phone. Can anyone please help???? Thank you in advance.

  13. Kathryn August 17, 2012 at 1:32 am #

    Same thing happened here - after repeated attempts to enter codes & such .. They will not reactivate any of my devices or help me log in to do so. The multi zillion $ co does nothing to help in this area to the people who are actively helping keep it up & running . Very sad.

  14. Mik September 20, 2012 at 8:34 am #

    Its been four days now and no response !! Piss poor effort FB

  15. Mik September 20, 2012 at 8:35 am #

    Its been four days now and no response !! Poor effort FB

  16. kammy October 20, 2012 at 12:40 pm #

    same problem. any links ?

  17. zens November 11, 2012 at 11:36 am #

    lol. i think the login approval will be the perfect security, but its worse. lolz

  18. sarah brodrick January 23, 2013 at 2:22 am #

    Hi all,
    I have been going out of my mind for over a week, I have sent numerous reports to facebook and yet they havent bothered. Aspam post (not intended as spam as it was my best friend who commented on my post)posted on my wall 545 times these 545 message posts were also pinging my phone , i panicked and quickly unlinked my phone from facebook when i then tried to log in later that day and it said i dont have phone linked to account therefore they cannot send login approval code!!!! I tried all sorts tried all their 'help' pages' even sent my government photo id and they arseholes still blank me arghhhh . I then tried a different email account and was told (via automated screen message) my account would be active after 24 hours-was it hell!!! i counted down the last 30 minutes then tried to logg in and it sent me right back to where i started still no facebook retrieval. This is outrageous, reading that this is a very common problem, the amount of bloody money the company have, you'd think they would have sorted it out. I dont know what to do ? Has anyone had any joy yet.

  19. Anonymous April 15, 2013 at 5:58 am #

    48 hours gone without accessing my facebook. I really wish i hadn't turn this crap on.
    Everytime i try, they send the code but it's not working. Somebody help.!! :(

  20. GOPINATH October 29, 2013 at 3:42 pm #

    dear sir,
    i am from india. In my account, login approvals setting is not found on security page. What can i do??

    • Martin Brinkmann October 29, 2013 at 4:18 pm #

      You need to have entered a mobile phone number on Facebook. Did you do so?

      • GOPINATH October 30, 2013 at 2:15 pm #

        i have added 3 phone numbers sir..

  21. thiha July 3, 2016 at 10:34 pm #

    I lost my phone.I can't login approval code.Please sent me approval code in this emai.I am real owner.Thanks you.

Leave a Reply