Story image

Facebook ups the ante on security

Social networking giant Facebook has announced a new security feature, as the company looks to improve protection for its users.

According to Brad Hill, security engineer at Facebook, says users are always asking what they can do to make their online accounts more secure.

“Like most security professionals, I recommend setting up two-factor authentication,” he says.

“That means when you log into Facebook from a new phone or browser, you'll enter a special security code from your phone in addition to your password. That way, it's much harder for someone else to access your account, even if they have your password,” he explains.

Hill says Facebook is now taking that account protection a step further – with Security Key.

“Most people get their security code for login approvals from a text message (SMS) or by using the Facebook app to generate the code directly on their phone,” Hill explains.

“These options work pretty well for most people and in most circumstances, but SMS isn't always reliable and having a phone back-up available may not work well for everyone,” he says.

Users can now register a physical security key to their account so that the next time they log in after enabling login approvals, they’ll simply tap a small hardware device that goes in the USB drive of their computer.

According to Hill, using security keys for two-factor authentication provides a number of important benefits:

·       Phishing protection: Your login is practically immune to phishing because you don't have to enter a code yourself and the hardware provides cryptographic proof that it's in your machine.

·       Interoperable: Security keys that support U2F don't just work for Facebook accounts. You can use the same key for any supported online account (e.g. Google, Dropbox, GitHub, Salesforce), and those accounts can stay safe because the key doesn't retain any records of where it is used.

·       Fast login: If you use a security key with your desktop computer, logging in is as simple as a tap on the key after you enter your password.

Facebook security tips

Take the Privacy Checkup. You'll walk through a few quick steps to make sure only the people you want to see your stuff can see it. You can review who you're posting to, which apps you're using, and the privacy of key pieces of information on your profile.

Choose who sees what you postOn Facebook, you can use the audience selector to choose who will see each of your posts — just your friends, everyone, or specific people you select.

Increase your account security by turning on login approvalsYou'll get a unique security code each time you access your Facebook account from a new device.

Manage your ad preferences: Want to know why you're seeing a particular ad, or see more that are relevant to your preferences? Ad preferences lets you control the ads you see so they are more useful to you. You can also hide a particular ad.

Check yourself: Ever wondered what your Facebook profile looks like to other people? You can use View As to preview what the public or a specific person, like a friend or a coworker, would see if they visited your profile.

Wine firm uses AR to tell its story right on the bottle
A Central Otago wine company is using augmented reality (AR) and a ‘digital first’ strategy to change the way it builds its brand and engages with customers.
DigiCert conquers Google's distrust of Symantec certs
“This could have been an extremely disruptive event to online commerce," comments DigiCert CEO John Merrill. 
Protecting organisations against internal fraud
Most companies tend to take a basic approach that focuses on numbers and compliance, without much room for grey areas or negotiation.
Telesmart to deliver Cloud Calling for Microsoft Teams
The integration will allow Telesmart’s Cloud Calling for Microsoft Teams to natively enable external voice connectivity from within Teams collaborative workflow environment.
Jade Software & Ambit take chatbots to next level of AI
“Conversation Agents present a huge opportunity to increase customer and employee engagement in a cost-effective manner."
52mil users affected by Google+’s second data breach
Google+ APIs will be shut down within the next 90 days, and the consumer platform will be disabled in April 2019 instead of August 2019 as originally planned.
GirlBoss wins 2018 YES Emerging Alumni of the Year Award
The people have spoken – GirlBoss CEO and founder Alexia Hilbertidou has been crowned this year’s Young Enterprise Scheme (YES) Emerging Alumni of the Year.
SingleSource scores R&D grant to explore digital identity over blockchain
Callaghan Innovation has awarded a $318,000 R&D grant to Auckland-based firm SingleSource, a company that applies risk scoring to digital identity.