Facebook Now Texts Users Temporary One-Time Passwords [News]

0 fb security intro   Facebook Now Texts Users Temporary One Time Passwords [News]Facebook is at constant war with their privacy settings, often altering/tweaking things that cause a lot of users headaches. We have covered Facebook privacy here a multitude of times.

One issue we’ve never tackled was that of protecting the sanctity of your Facebook profile when you’re in a public place. What do I do if I forgot to logout? How do I prevent this from happening again?

Facebook is attempting to answer both of these questions by rolling out some new features: temporary passwords and remote logging out. Allow me to point out how these features work, as well as assess the need for them.

Facebook Will Text Me A Password?

To receive a temporary password to your account, all you have to do is text

otp

to

32665 (FBOOK)

from the mobile phone you have associated with your Facebook account.

You’ll receive a temporary password that expires in 20 minutes and can only be used once. The code will be a very secure one that includes both lower and uppercase letters and numbers, which will be relatively hard to remember, so be sure to keep your phone with you when you go to login.

1 fb security settings   Facebook Now Texts Users Temporary One Time Passwords [News]

If you are worried about forgetting to log out of your account, Facebook has you covered with their remote logout feature.

On your Account Settings page, Facebook will now show your activity, also. This will let you see the approximate location your account was accessed from, as well as the device from which it was accessed.

Thoughts?

Tech Crunch called Facebook’s temporary password idea “genius” and “brilliant”. While I think it is a good move, I’m not entirely convinced that Facebook had to create a system for texting temporary passwords. Remote logout capabilities and recent activity seem to be enough for me, but it looks like Facebook really wanted to cover all the angles.

I’m interested in hearing your thoughts on this. Leave a comment below!

Source: Facebook

The comments were closed because the article is more than 180 days old.

If you have any questions related to what's mentioned in the article or need help with any computer issue, ask it on MakeUseOf Answers—We and our community will be more than happy to help.

17 Comments -

MFriend

lossr

TLW

Steven, I’ve been using the Account Security settings for several months. It’s annoying, but it makes me feel safer about my FB account, which was hacked several times. I don’t log into to FB anywhere other than my iPhone or Desktop. I will not be using FB Temp PW’s. But here’s the thing, and perhaps you know the answer to my question. Sometime ago I read that we should not allow FireFox to save our passwords. How true is that?

Steve Campbell

Anytime you save a password in your browser it has the potential to get hacked or stolen, provided somebody is looking for it. So long as no one besides yourself is using the computer I don’t really see a problem with it. You can always change a password.

Aibek

The passwords saved in the browser can be recovered by malware. There has several security fixes addressing this in the past. So it’s very likely some exploits are still there undiscovered. I strongly advice not to use this feature for things like bank accounts, email and any other sensitive accounts.

TLW

Um. I’d delete the comment right above mine. People feel so empowered by the keyboard. Tsk Tsk :)

Steve Campbell

Doesn’t bother me. The more comments the better! :)

AVH

What’s to stop someone taking my phone, texting “otp to 32665″ and receiving a temporary password back to my phone then using that to log into my facebook and reeking havoc on it?

Steve Campbell

That’s the exact problem I brought up with it at first, but when I thought about it more it made a bit more sense:

The password expires in 20 minutes, so if someone took your phone, sent a text out, and wrote down the temporary password, that person would then have to get to a computer within 20 minutes to use it. Surely they wouldn’t want to stay near you either, having just stolen your phone.

However, most people have Facebook on their smartphones to begin with, so if someone took it, they could probably access your account even if otp didn’t exist, not to mention all the other important things that reside on your phone.

Furthermore, you can go into your account settings and view your login history, so you can see whether or not someone has been accessing your account without your knowledge.

You can’t change your password without typing the old one in, so you don’t really have to worry about that either.

Steve Campbell

That’s the exact problem I brought up with it at first, but when I thought about it more it made a bit more sense:

The password expires in 20 minutes, so if someone took your phone, sent a text out, and wrote down the temporary password, that person would then have to get to a computer within 20 minutes to use it. Surely they wouldn’t want to stay near you either, having just stolen your phone.

However, most people have Facebook on their smartphones to begin with, so if someone took it, they could probably access your account even if otp didn’t exist, not to mention all the other important things that reside on your phone.

Furthermore, you can go into your account settings and view your login history, so you can see whether or not someone has been accessing your account without your knowledge.

You can’t change your password without typing the old one in, so you don’t really have to worry about that either.

TLW

Well kind Gentlemen, it’s time for me to go back to writing them down in the handy old black book. That sucks :)