Facebook two-factor authentication no longer needs a phone number


Facebook two-factor authentication
You can now make Facebook more secure without handing over your number.
Photo: Facebook

You can now secure your Facebook account with two-factor authentication without handing over your phone number.

The social network now works alongside apps like Google Authenticator, Duo Security, and more. Its setup process has also been refined to make bolstering security a simpler experience.

You should use two-factor authentication wherever you can. You might consider it a slight inconvenience, but it’s the easiest way to prevent unauthorized access to your online accounts. It stops others from logging into your account — even if they get hold of your password.

But what if you don’t want services like Facebook to know your phone number? Now you don’t have to give it up.

Facebook simplifies two-factor authentication

Facebook has overhauled its two-factor authentication process, making it easier to setup and negating the need to use a phone number. Users are now guided through the activation process, and they can use a number of third-party authentication services as opposed to SMS codes.

Facebook supports Google Authenticator, Duo Security, Authy, and more on both desktop and mobile.

You can activate two-factor authentication using Facebook on the web (visit https://facebook.com/settings), or inside the mobile app by going into its Settings menu, selecting Secuity and login, and then choosing Use two-factor authentication.

“Two-factor authentication is an industry best practice for providing additional account security,” Facebook says. “We continue to encourage enabling two-factor authentication to add an extra layer of protection to your Facebook account.”

Facebook ran into problems with SMS

This change comes just a few months after Facebook confirmed a bug in its two-factor authentication system that caused users to receive unsolicited messages. The number it used to send authentication codes, 362-65, was also sending out other notifications users didn’t ask for.

To make matters worse, users who replied to these messages quickly discovered that their replies were somehow being posted to their Facebook profiles. The whole thing became very messy and obviously didn’t go down well with Facebook users.