Facebook will make it mandatory for more at-risk users to adopt two-factor authentication to secure their accounts. Will this be the final solution to the social media platform’s escalating number of account hacking incidents?
Over years running, Facebook has offered its users the opportunity of using two-factor authentication to secure their accounts. The platform’s most vulnerable users will soon have no choice: the social network will force them to use more than simply a password to secure their accounts. This seems to be a good move by the social media giant to secure it users.
Since last year, Facebook’s parent company, Meta, has demanded that advertising accounts and administrators of popular pages enable two-factor authentication. It isn’t the only platform to take this step; in May, Google stated that two-factor authentication would become the standard for all of its users.
Though Meta claims that its present experiment is limited to politicians, activists, journalists, and others participating in its Facebook Protect program, it appears to be a test to see how easy it is to turn on two-factor authentication for everyone.
Meta is however working to ensure that it can assist people all across the world in troubleshooting any connected issues that may emerge.
“We aren’t planning to roll it out to everyone right now,” Meta’s head of security policy Nathaniel Gleicher told reporters ahead of the announcement. “But we can slowly expand within the communities where it’s most critical—communities where people could be most targeted and where the consequences would be most significant.”
Facebook Protect began as a trial initiative in the United States in the run-up to the 2018 midterm elections and has since grown to include the 2020 presidential election.
Facebook automatically enrolls some well-known public figures in the initiative, but it has also been developing tools for others to propose themselves for inclusion, such as enlisting entire newsrooms. Users cannot opt out of Facebook Protect once they have signed up.
Protect’s global deployment began in September, and it’s now available in 12 countries, such as India, the Philippines, and Turkey, according to Meta. Upwards of 1.5 million people have signed up for the initiative, with about 950,000 of them enabling two-factor authentication for the first time as a result of the mandate. Protect will be available in 50 countries by the end of the year, with more to follow in 2022, including Myanmar and Ethiopia, according to Gleicher. In addition to requiring two-factor verification, Facebook Protect also provides automated account monitoring and scanning.
While Google is the consumer tech giant leading the charge for obligatory two-factor authentication, others have taken lesser moves. After just a series of account break-ins, Amazon’s Ring smart camera startup required two-factor authentication for its few million consumers in early 2020. Twitter also introduced prompts in 2018 to urge candidates to enable two-factor authentication. Merely 2.3 percent of the social network’s users have implemented two-factor authentication, according to a July report.
Only approximately 4% of Facebook’s monthly active users globally had chosen two-factor authentication, Facebook reported prior to the launch.
“Despite being one of the best available defenses against account compromise, two-factor authentication has historically been underutilized across the internet, especially by users who are most targeted by criminal hackers,” Gleicher added.
“We all need to go beyond increasing awareness and encourage enrollment in 2FA to help drive greater enrollment.” But we must also ensure that individuals all around the world, especially those in locations with poor or restricted internet or smartphone access, such as huge swaths of the global south, can continue to use these platforms.” Gleicher went on to say.
Can My Account Still be Hacked With 2FA Enabled?
Whack-a-mole is a good analogy for cybersecurity. As soon as the good men put an end to one onslaught, another appears.
Usernames and passwords used to be sufficient for keeping an account secure. However, cybercriminals quickly worked out a way around this.
They frequently employ “brute force assaults,” in which they bombard a user’s account with a variety of password and login combinations in an attempt to guess the correct one.
A second layer of protection, known as two-factor authentication, or 2FA, was implemented to combat similar attacks. Although 2FA is increasingly widely used, does it also give potential for fraudsters to exploit loopholes?
Best Practice Remains Two-factor Authentication
Notwithstanding all of this, the human aspect remains the greatest susceptibility to being hacked. Successful hackers employ a surprising number of psychological techniques.
A cyber attack could take the form of a friendly request, a frightening warning, a message purporting to be from a friend or colleague, or an attractive “clickbait” link in an email.
The most ideal approach to defend yourself against hackers is to cultivate a healthy dose of skepticism. The odds of being hacked become vanishingly minimal if you thoroughly inspect websites and links before clicking through and use 2FA.
In the end, two factor authentication is excellent in keeping your accounts secure. When given the choice, however, attempt to avoid the less secure SMS approach.
In the same way that criminals hunt for residences with weak security in the physical world, hackers on the web look for flaws.
Whereas any security mechanism may be circumvented with plenty of effort, a hacker will not make that risk unless they stand to gain something more valuable in return.
