Facebook launches security key
Users can now add a physical security key to their Facebook account Reuters/Philippe Wojazer

To improve security online, social media giant Facebook has introduced a new login feature that reduces data breach.

Facebook has rolled out a security key, a part of an extra security feature called login approvals. Using the security key for login is a simple process and is like using a key to unlock a door. After entering the password to log into your Facebook account, tap a physical security key instead of entering a security code.

Users can now register a physical security key to their account. The next time they log in after enabling login approvals, all they need to do is just tap a small hardware device that goes in the USB driver of their computer, explains Facebook in a blog post.

These security keys, which support Universal 2nd Factor standard, can be purchased from companies like Yubico.

An important benefit of the security keys for two-factor authentication is the protection against phishing attacks, as it does not need entering a code and the hardware provides cryptographic proof that it is in the machine.

The security keys with U2F support not only work for Facebook accounts, but can be used for any supported online account such as Google, Dropbox, GitHub and Salesforce. The security key does not retain any records of where it has been used, and so the other online accounts can stay safe.

As the security keys for Facebook logins work with only certain web browsers and mobile devices, users will need to register an additional login approval such as using mobile phone or code generator.

First ensure that you are on the latest version of Chrome or Opera browser, to add a security key from your computer. Those who have an NFC-capable Android device with the latest version of Chrome or Google Authenticator installed can use an NFC-capable key to log in from the mobile website.

How to add a security key

Note that you need to be on the latest version of Google Chrome or Opera

  • Head over to your Security Settings
  • Scroll down to Login Approvals and click Edit
  • Go to Security keys and click Add key
  • Follow the on-screen prompts to complete the process
  • Once the security key is added successfully, it will appear with the name given in user's Security Key section