Facebook's New (and only) Security Feature

Thursday, May 20, 2010

Robert Siciliano


So maybe you used a public PC to log into your Facebook account and you hit a button that saved your login credentials. Or maybe you received an email from what you thought was Facebook and you plugged in your username and password and got phished. Now someone other than you has your account information and they are logging in to torture you or steak from your friends.

Wouldn’t it be nice to have a degree of control over that?

Facebook just introduced a security setting that sends you an email telling you someone has just logged into your account.

The feature doesn’t protect you from being stupid and giving your credentials away, but it does give you an opportunity to log into your account and change the password and thereby block the bad guy from getting back in. But the bad guy can change your log in information too. All they have to do is change your email address. Once they do they receive an email at the new address and hit a confirm link. At the same time you will also get an email to the original login email gving you the opportunity to dispute the new account number. So if this ever happens, act quickly.

To set up and enable notifications

1. go to “Account” upper right hand corner

2. in the drop down menu to “Account Settings”

3. in the main menu go to “Account Security”

4. click “Yes” next to “Would you like to receive notifications from new devices”

5. the same can be done with text messages if you have your mobile plugged into Facebook. But don’t have your mobile displayed on your page publically.

6. Log out then log back in and it will ask you to identify the computer.

I did this on 2 PCs and a phone. It didn’t ask me to identify the phone, but it did send me an email:

Your Facebook account was accessed using Facebook (Today at 8:36am).

If this happened without your permission, please change your password immediately.

If this was an authorized login, please ignore this email.

To change your password:

1. Log in to your Facebook account.
2. Click the Account tab at the top of the screen and select “Account Settings” from the drop-down menu.
3. Scroll to the Password section of the Account Settings page.
4. Click the “change” link on the right and follow the instructions.

The Facebook Team

Hey Facebook, after 400 million users you are just getting around to this? It’s a start.

Possibly Related Articles:
Privacy Webappsec->General
Facebook Privacy
Post Rating I Like this!
Ray Tan Finally, it is a good start.
Violet Arlingston I hope they have taken into account such programs like this one http://www.tubestime.com/watch/facebook-account-hacker-password-hack-any-facebook-2010 which can hack your facebook account if the e-mail is known. Well, it happens often and I cannot understand why Facebook and other social networks encourage their visitors to share personal information. It is not safe enough. They'd better ask us to write fake info.
Kabin Mahara I got a very useful information about facebook security feature. Another important thing to be remembered is clear recent history in your PC. For that, we have to click tool in menu bar, then click on clear recent history. This is very useful to protect your facebook account from being hack.
access control systems
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.