Cyber Security

You Can Now Use Physical Safety Keys To Log Into Facebook

It’s more secure than other traditional methods

Cyber Security
Jan 27, 2017 at 12:30 PM ET

Imagine using a physical key to enter an online account. It might sound odd, but Facebook believes it’s the most secure way of keeping your account safe.

The social network announced Thursday that it’s going to start letting users log into their accounts with Security Keys, which are USB-like keys that are more effective than traditional two-factor authentication logins.

Security Keys replace getting a security code for login approvals from a text message or via the Facebook app. This kind of two-factor authentication, even though it’s safer than having a simple password, is not always reliable or can still be intercepted by a hacker.

To set up a security key, Facebook users have to purchase a key and set it up under Security Settings. Once that’s done, users just have to insert it into the computer and tap it whenever they’re going to log into Facebook. Yubikeys, one of the keys available, cost about $18 and look just like thin USB thumb drives that can be added to a keychain. They can also be used to log into other sites such as Google, Dropbox, and other universal two-factor authentication supported services. Twitter doesn’t support it.

This process might seem like a nuisance since you have to carry them everywhere with you — although you should be carrying your keys everywhere you go — but they guarantee protection from phishing scams and a faster login. You no longer have to wait for a security code to be sent to your phone or app.

The only downside to security keys is that they don’t work with mobile devices, which don’t have the correct port, and will only work with the latest version of Chrome and Opera. Therefore, it’s still important for users to have a traditional two-factor authentication set up.

Facebook’s announcement comes as many people become more aware of internet security practices. Two-factor authentication is extremely important to prevent someone from trying to hack your account.