sb-nz logo
Story image

Facebook ups the ante on security

Social networking giant Facebook has announced a new security feature, as the company looks to improve protection for its users.

According to Brad Hill, security engineer at Facebook, says users are always asking what they can do to make their online accounts more secure.

“Like most security professionals, I recommend setting up two-factor authentication,” he says.

“That means when you log into Facebook from a new phone or browser, you'll enter a special security code from your phone in addition to your password. That way, it's much harder for someone else to access your account, even if they have your password,” he explains.

Hill says Facebook is now taking that account protection a step further – with Security Key.

“Most people get their security code for login approvals from a text message (SMS) or by using the Facebook app to generate the code directly on their phone,” Hill explains.

“These options work pretty well for most people and in most circumstances, but SMS isn't always reliable and having a phone back-up available may not work well for everyone,” he says.

Users can now register a physical security key to their account so that the next time they log in after enabling login approvals, they’ll simply tap a small hardware device that goes in the USB drive of their computer.

According to Hill, using security keys for two-factor authentication provides a number of important benefits:

·       Phishing protection: Your login is practically immune to phishing because you don't have to enter a code yourself and the hardware provides cryptographic proof that it's in your machine.

·       Interoperable: Security keys that support U2F don't just work for Facebook accounts. You can use the same key for any supported online account (e.g. Google, Dropbox, GitHub, Salesforce), and those accounts can stay safe because the key doesn't retain any records of where it is used.

·       Fast login: If you use a security key with your desktop computer, logging in is as simple as a tap on the key after you enter your password.

Facebook security tips

Take the Privacy Checkup. You'll walk through a few quick steps to make sure only the people you want to see your stuff can see it. You can review who you're posting to, which apps you're using, and the privacy of key pieces of information on your profile.

Choose who sees what you postOn Facebook, you can use the audience selector to choose who will see each of your posts — just your friends, everyone, or specific people you select.

Increase your account security by turning on login approvalsYou'll get a unique security code each time you access your Facebook account from a new device.

Manage your ad preferences: Want to know why you're seeing a particular ad, or see more that are relevant to your preferences? Ad preferences lets you control the ads you see so they are more useful to you. You can also hide a particular ad.

Check yourself: Ever wondered what your Facebook profile looks like to other people? You can use View As to preview what the public or a specific person, like a friend or a coworker, would see if they visited your profile.

Story image
Mobile devices biggest enterprise security threat - report
Businesses have left themselves vulnerable and open to cyber criminals in the rush to ensure their workforce could operate remotely during the Covid-19 pandemic.More
Story image
Kroll completes Redscan acquisition, expands cyber risk portfolio
With the addition of Redscan and its extended detection and response (XDR) enabled security operations centre (SOC) platform, Kroll expands its Kroll Responder capabilities to support a wider array of cloud and on-premise telemetry sources.More
Story image
Data transparency increasingly important, Kaspersky study states
“It is clear from the data that people have developed a sense of control and they are now demanding openness about how and where their data is being managed."More
Story image
Microsoft Exchange breach a wake-up call to ditch the server
"There are owners who still have in-house exchange servers because they are suspicious of the cloud or have concerns about their data sovereignty or don't want to contemplate the capital expenditure. But the warning is clear. Get rid of them."More
Story image
Ransomware and Microsoft Exchange attacks surging 
There are global surges in ransomware attacks alongside increases in cyber attacks targeting Microsoft Exchange Server vulnerabilities, according to Check Point Research.More
Story image
Software-based facial recognition in payments industry to dominate by 2025
There will be more than 1.4 billion users of facial recognition software used for payments alone in 2025, up from 671 million in 2020.More