3.1.2 Two-factor authentication on Facebook
This section is part of the amber pathway.
Facebook also supports two-factor authentication (which it calls Log in Approvals). Facebook’s two-factor authentication process is activated whenever you log in from a new computer. An SMS is sent to your phone containing a unique security code, which you will need to enter into Facebook before you can log in.
Set it up using the following instructions:
- Log in to Facebook with your normal username and password.
- On the top blue bar, click your Timeline button (it will contain your photo and name). Then click the Update Info button which appears near the right-hand side of the window.
- Any phones registered with Facebook are listed in your ‘Contact Information’ details. If you don’t already have a mobile phone registered, you will need to register one now by clicking on the Add Mobile Phone button. Take care when completing your telephone number. There is an option (shown by a small padlock) which allows you to customise who has access to your phone number; Facebook has an option to make your number public, but we’d recommend choosing the ‘Only Me’ option from the menu.
- Once your details have been registered, your number will be listed in your ‘Contact Information’. You still need to verify your telephone number, click the Verify link next to your mobile phone number, then choosing how Facebook will send you the verification code. If you choose to receive it by text you will get an SMS, otherwise you can opt to receive an automated telephone call. In either case you will receive a six figure authentication code. You will need to enter this number back into Facebook and click Confirm to complete registration.
- Return to the top blue bar and click the small downward pointing arrow at the top right of the window – this is Facebook’s main menu. Choose ‘Settings’ from the pop-up menu.
- Choose ‘Security’ from the left-hand menu, then click the Edit button next to the ‘Log in Approvals’ options. Make sure the box labelled ‘Require a security code to access my account from unknown browsers’ is checked and follow the straightforward instructions. At the end of the process, Facebook will need to send you another SMS message to confirm that two-factor authentication has been activated.
- You might want to take this opportunity to increase your security by having Facebook notify you if an attempt has been made to access your account. Still on the ‘Security’ section, choose the ‘Log in Notifications’ Edit button.
- Facebook offers to send you emails or text messages when your account is accessed from a previously unknown machine. These notifications will be triggered when you log in on a new machine, but also if someone else is using your account details to gain access. Choose which methods you want to use, then click the Save Changes button.