Earlier available on the desktop version, Facebook has now expanded the support of physical security keys for two-factor authentication (2FA) on mobile devices.
Mobile users of Facebook now get to employ a two-factor authentication based on a physical key. The physical key-based login is available on both Android and iOS, and Indian users can avail the same.
Hardware security keys notify the owner when Facebook detects a login from an unrecognized device, and require confirmation with the key, which a hacker or anyone apart from the user wouldn’t have. Physical security keys are about the size of a small pen drive that would fit on a key chain.
Facebook says it does not manufacture in-house key security key, but users can purchase third party devices from Yubico or Google (Google Titan). Since 2017, Facebook allowed users to use a hardware security key for two-factor authentication on the desktop.
In a blog post, the company states that physical security keys are small enough to fit on the keychain and can notify users each time when someone tries accessing the Facebook account from an unrecognised browser or mobile device.
“We ask you to confirm it’s you with your key, which attackers do not have,” Facebook adds. As mentioned, it is much harder for a bad actor to obtain both factors, which keep your password from being your last line of defence against phishing or other malicious attempts to compromise online information. After obtaining a physical security key, open the Facebook app on the Android or iOS smartphone > Settings > Security and Login > Register Key Security > Setup Your Key Security.
Currently, Twitter users can use a security key to sign in and also need an authenticator app or SMS code as another 2FA (two-factor authentication) method.