Security Experts:

Connect with us

Hi, what are you looking for?


Cloud Security

Facebook Now Lets Mobile Users Secure Accounts with Security Keys

Social media and advertising giant Facebook today announced that it is now allowing mobile users to secure their accounts with the help of security keys.

Social media and advertising giant Facebook today announced that it is now allowing mobile users to secure their accounts with the help of security keys.

Available for Facebook’s desktop users since 2017, the authentication method requires that the user confirm authentication requests with the help of a physical security key.

This additional authentication step is meant to significantly increase account protection, as it relies on the use of a physical device that an attacker is assumed to never have access to.

“Starting today, you can set up two-factor authentication and log into Facebook on iOS and Android mobile devices using a security key, available to anyone in the world,” Facebook announced.

Two-factor authentication (2FA) has evolved from codes sent via SMS or email to the use of authenticator applications and security keys, making it increasingly difficult for a threat actor to come in the possession of both the account password and the second factor.

Since 2017, Facebook has been providing users the option to enable 2FA and choose physical security keys as the second authentication factor, with that feature now available for iOS and Android users as well.

Users who may need such strong authentication protection are those most exposed to malicious attacks, including public figures, politicians, journalists, and human rights defenders, among others.

“We strongly recommend that everyone considers using physical security keys to increase the security of their accounts, no matter what device you use,” Facebook says.

Security keys can be connected either via Bluetooth or can be directly plugged into phones.

To enable the use of security keys as the authentication method, Facebook users should head over to the Security and Login section of the Settings menu.

The social platform also says it plans to expand the availability of its Facebook Protect program to include additional at-risk groups, alongside political campaigns and candidates.

Related: Twitter Users Can Now Secure Accounts With Multiple Security Keys

Related: New YubiKey 5C NFC Security Key Brings NFC, USB-C Connections 

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.


Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...


The North Korean APT tracked as TA444 is either moonlighting from its previous primary purpose, expanding its attack repertoire, or is being impersonated by...

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

IoT Security

Lexmark warns of a remote code execution (RCE) vulnerability impacting over 120 printer models, for which PoC code has been published.