Facebook introduces one-time passwords
For all those who simply must access Facebook from a public computer, the social network introduced the option of receiving a one-time password to be used instead of their regular one.
To do this, users must have a mobile phone associated with their account, so that when they send a message containing the text “otp” to a predefined number (32665 – that can’t be international, can it?), they can receive the disposable password via their mobile phones.
The password actually expires in 20 minutes, and can be used only once. This security feature will be available to all users in the coming weeks.
Facebook also reminds its users about the previously announced remote logout feature – which is now available to all – and that it is a good idea to occasionally update their security information, since the information will be used to verify their identity in case they ever happen to lose access to the account. Users will be also occasionally prompted to do this.
Some months ago, the social network announced – among other things – a security feature that would allow them to block suspicious logins by asking questions that can be answered only by those privy to this security information – ideally, only the user.
“When we see that someone is trying to access your account from an unusual device, we’ll ask the person to answer an additional verification question to prove his or her identity as the real account owner. For example, we might ask the person to enter a birth date, identify a friend in a photo or answer a security question if you’ve previously provided one. These questions are designed to be easy for you, and hard for a bad guy, and we’ve already seen some great results,” they said.