Facebook introduces physical key to boost account security

Security Key

Social media giant Facebook has revealed support for physical security keys, which can be used to authenticate your identity when logging in as an extra layer of protection.

What it means is that even if hackers were to have your username and password details, they would not be able to access your account, because they don’t have the special USB stick.

To make use of the feature, you need to enable two-factor authentication in your security settings on Facebook, and then register a physical security key to your account. Security keys are available from companies such as Yubico, and have support for the Universal 2nd Factor standard (U2F) which is hosted by the FIDO Alliance.

By adding short-range wireless signals to the equation, Facebook becomes the first major platform to offer support for an NFC login system, which enables the keys to be utilised by mobile devices. Phones generally don’t have USB support, but with the latest keys from Yubico, you can transmit data over NFC frequencies and therefore log in on your phone.

However, this is still fairly experimental and has its imperfections. Currently it is only available for Android devices, and users will have to use the login system through the mobile site rather than through the Facebook app. In addition this, you must have the most recent versions of Google Authenticator and Chrome downloaded.

Even if you don’t have security key, it is still recommended to set up two-factor authentication to protect your account from being compromised. Many people have a security code sent to their phone via SMS, which you then need to enter during the login process. Unfortunately this isn’t always completely safe, with it possible for hackers to intercept SMS messages and therefore gain access to your account.

Furthermore, security keys supporting U2F can also be used with a range of other online accounts, with Google and Dropbox among the companies already supporting security keys.