Meta’s Two-Factor Authentication Update: What You Need to Know
In the past year, Meta introduced changes to the two-factor authentication (2FA) process for Facebook and Instagram. While notifications about these updates were sent out, they may have been overlooked amidst the numerous alerts users receive on these platforms. So, what exactly has changed? According to Meta’s updated settings page, “Any devices you’ve frequently used Facebook on in the past two years will be automatically trusted.” This means that your smartphone and laptop may not require a 2FA code to log in, unless you manually opt out in your settings.
The Evolution of Meta’s 2FA
Over the years, Meta has made several adjustments to its 2FA implementation. In 2018, the company began allowing 2FA codes to activate 2FA protection. Meta faces the challenge of striking a balance between ensuring easy account access and maintaining robust security measures.
Enabling 2FA for Your Meta Accounts
To enable 2FA for your Facebook or Instagram account, navigate to your account’s settings, then select Password and security. You may be prompted to enter your password after choosing Two-factor authentication and the specific account you wish to modify. Scroll down to the Authorized logins section and click on Recognized devices.
Reviewing Your Trusted Devices
In the Recognized devices section, you’ll find a list of all the devices that Meta doesn’t require a login code for. You might be taken aback by some of the older devices on this list. Although the company states that it only includes devices used within the past two years, I discovered an iPad on my trusted list that was last accessed in 2013.
Expert Concerns and Additional Security Measures
While it’s not unusual for social media platforms to trust certain user devices, the automatic nature of this feature raises concerns among experts. As security expert Ellis pointed out when the update was introduced, “My immediate security reaction is that it’s going to lock in long-term access to all of those logged-in things.” Any change that places more responsibility on the user to protect their security increases the potential for mistakes and breaches.
After removing trust for any old devices you no longer use, there are additional steps you can take to enhance the security of your Meta accounts. Always use a strong, unique password. Furthermore, ensure that you wipe the data from your old smartphones and laptops using a factory reset before selling or disposing of them.
Updated 3/5/2024, 5:30 pm EST: Included new details about how Facebook’s 2FA process works for users.
1 Comment
Good thing you’re asking, because not everyone likes jumping through hoops just to log in!