New Facebook security features
Posted on 28 October 2011.
Facebook will be adding two new security features that will allow users to regain control of their account if it gets hijacked and to use a unique password for different third party applications that require logging in with Facebook credentials.

The first feature can be compared to giving a copy of your house key to a set of friends, except that you have to gather all the keys in order to enter the house.

In Facebook's case, the keys are codes, and the user can choose from three to five "trusted friends" who are then provided with a code. If you ever get locked out of your account (and you can't access your email to follow the link after resetting your Facebook password), you gather all the codes and use them to gain access to it again:

As easy and simple as this might sound, I can't help but wonder what's stopping the intruder to simply change the designated trusted friends once he takes control of the account. It seems impossible that Facebook developers haven't thought of this possibility, but I guess will have to wait for the introduction of the feature to find out the solution they thought of.

The second feature will be welcomed with open arms by all users who are too paranoid to use their Facebook login credentials to log in into third party apps.

Facebook will allow you to create app-specific passwords for those apps, and you'll only have to use it the one time:

"This is especially helpful if you have opted into Login Approvals, for which security codes don't always work when using third party applications," pointed out Facebook.

The features will be rolled out in the coming weeks.


Harnessing artificial intelligence to build an army of virtual analysts

PatternEx, a startup that gathered a team of AI researcher from MIT CSAIL as well as security and distributed systems experts, is poised to shake up things in the user and entity behavior analytics market.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Thu, Feb 4th