Quantcast
  • UK
    • DE
    • ES
    • FR
    • IT
  • Facebook
  • Linkedin
  • Twitter
  • Follow us
    • Google +
    • Google Currents
    • IOS Application
    • Android Application
    • RSS
  • Newsletters
  • Connect

Silicon UK

  • Menu
    • Articles
      • Cloud
        • Cloud Management
        • Datacentre
        • IAAS
        • PAAS
        • Server
        • Virtualisation
      • Data Storage
        • Big Data
        • Business Intelligence
        • DataBase
        • Storage
      • Enterprise
        • Financial Markets
        • Fund raising
        • Merger and acquisition
        • Start-Up
      • Innovation
        • Green-IT
        • Research
        • Science
        • Wearable Tech
      • Management
        • Incomes
        • Jobs
        • Lay Off
        • Nominations
        • Skills
        • Social laws
      • Marketing
        • Advertising
        • CRM
        • eCommerce
        • ePayment
        • SocialMedia
      • Mobility
        • 4G
        • Laptops
        • Mobile Apps
        • mobile OS
        • Smartphones
        • Tablets
        • WLAN
      • Networks
        • Broadband
        • Carriers
        • M2M
        • Network Management
        • VoIP
      • Projects
        • CIO
        • DevOps
        • Outsourcing
        • Public Sector
        • Service Providers
        • Software vendors
      • Regulation
        • Censorship
        • Governement-IT
        • Justice
        • Legal
        • Surveillance-IT
      • Security
        • Authentification
        • CyberCrime
        • Firewall
        • Security Management
        • Virus
      • Software
        • Collaboration Suites
        • ERP Suites
        • HR Suites
        • Middleware
        • Office Suites
        • Open Source
      • Workspace
        • Browsers
        • Chromebooks
        • Components
        • Mac
        • OS
        • PC
        • Printers
    • Whitepapers
    • Videos
    • Downloads
    • IT Jobs
    • Quiz
    • Webcasts
    • Services
      • 4G Zone – Test your coverage
      • What is My IP address?
      • Test Your Bandwidth
    • Partnerzones
      • Schneider Electric
      • Huawei
      • Silicon 360: Breaking Down The Final Barriers To Cloud
      • Pulsant IT Infrastructure – Create your Ideal Solution
  • Cloud
    • Cloud Focus
      • Cloud Management
      • Datacentre
      • IAAS
      • PAAS
      • EU Opens In-Depth Probe Into Apple’s Shazam Buy

      • Facebook Building Team To Design Own Chips – Report

      • IBM Disappoints As Q1 Profit Slips

      • police handcuff security crime keyboard © Oleksiy Mark Shutterstock

        Proposal Gives EU Judges Power To Demand Data Across Borders

      • cloud

        Top Cloud Infrastructure Vendors Set To Take Lion’s Share Of Market

  • Security
    • Security Focus
      • Authentification
      • CyberCrime
      • Firewall
      • Security Management
      • HSBC, security

        Kaspersky Lab Discovers Russian Hacker Infrastructure

      • Scam

        Tech Support Scams Surge 24 Percent

      • MEPs Pressure Zuckerberg To Face European Parliament

      • © Monika Wisniewska - Fotolia.com

        NHS Fixes Defaced Data Website

      • iPhones Open To Wi-Fi ‘Trust’ Hijacking

  • Big Data
    • Big Data Focus
      • Big Data
      • Artificial Intelligence
      • Data Analytics
      • Groups Hit YouTube With Complaint Over Data Gathering On Kids

      • Facebook’s Sandberg Admits ‘A Few’ Advertisers Have Paused Spending

      • Facebook - Shutterstock - © Pan Xunbin / Shutterstock.com

        Zuckerberg Admits Mistakes As Data Harvesting Rises To 87 Million

      • EU Brexit referedum

        Facebook Says No Russian Interference In UK Brexit Vote

      • HP-Autonomy Fraud Trial Begins In US

  • IoT
      • IoT-Special
      • Future Tech
      • Smart Cities
      • M2M
      • Microsoft To Invest $5bn For IoT Push

      • Google Renames Android Wear ‘Wear OS’ As Industry Mutates

      • google nest smart thermostat

        IoT Smart Devices Easy To Hack, Researchers Warn

      • Government Guidelines Aim To Secure Smart Devices

      • How Lumileds New-Gen LEDs Lit Up Super Bowl LII

  • Networks & Telecoms
    • Networks & Telecoms
      • Broadband
      • Network Management
      • M2M
      • Carriers
      • VoIP
      • ZTE Claims Survival At Risk Due To US Sales Ban

      • TalkTalk, Vodafone Continue To Top Complaints League

      • iPhones Open To Wi-Fi ‘Trust’ Hijacking

      • police handcuff security crime keyboard © Oleksiy Mark Shutterstock

        Proposal Gives EU Judges Power To Demand Data Across Borders

      • zte stand

        NCSC Warns ZTE Poses ‘Risk To UK National Security’

  • Mobility
    • Mobile Focus
      • Mobile Apps
      • Laptops
      • Smartphones
      • Tablets
      • WLAN
      • 4G
      • Apple To Replace Some Macbook Pro Batteries

      • EU Opens In-Depth Probe Into Apple’s Shazam Buy

      • Autonomous_drive_commuting

        UK To Work With Michigan On Driverless Cars

      • Google Launches ‘Chat’ App To Rival iMessage

      • ZTE Claims Survival At Risk Due To US Sales Ban

  • Quizzes
  • IT Life
  • Whitepapers
  • Events

Home > Workspace > Facebook Introduces ‘Instant’ Two-Factor Au...

Facebook Introduces ‘Instant’ Two-Factor Authentication

Matthew Broersma , December 26, 2016, 9:30 am
Matthew Broersma
Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Follow on: Google +
Facebook
Twitter
Google +
Linkedin
1

The ‘instant verification’ feature allows users to log into services using their phone number without having to receive a text message

Facebook has introduced a mobile login feature that allows users to take advantage of two-factor authentication without having to receive a text message.

The move is the latest effort by online services providers to find a balance between security and practicality at a time of increasingly frequent and large-scale data breaches.

SQL username password - Shutterstock: © hauhu

Instant verification

Facebook made the change to Account Kit, a developer kit that implements features for logging into services via phone number and email, and which works with Facebook’s main login system.

If the new “instant verification” feature is switched on, when a user enters their mobile phone number into an app from an Android device, the service checks to see if the number matches the verified phone number listed on the person’s Facebook profile.

This can only be done if the user is logged into the Facebook application on the same Android device, Facebook software developer Ethan Goldman-Kirst said in a blog post.

If there is a match, Facebook completes the verification without sending a one-time password via SMS.

“If there isn’t a successful match, a SMS will be sent with a verification code to complete the sign-in,” Goldman-Kirst wrote. “This feature is used only to improve the verification process in a secure way and no additional Facebook information is shared with the app.”

Security risk?

He said the feature is intended to “streamline the login process and rely less on SMS for those signing in with their phone number”. The company posted a video demonstrating how the feature works.

The change is intended to allow two-factor authentication to be used with less inconvenience to users, but one industry observer warned that the ease of use brings additional security risks with it.

An attacker could target someone’s mobile phone and abuse instant verification to log into multiple web accounts to collect their personal information, said security journalist David Bisson in a blog post.

An attacker who had gained access to a person’s Facebook account could change the saved mobile phone number, preventing the user from accessing accounts elsewhere, he said.

“To me, Instant Verification and Account Kit both feel a lot like reusing a single password across multiple accounts,” he wrote. “It’s convenient for sure, but it comes with a single point of compromise: a mobile phone and its corresponding contact number. If mobile users aren’t already dedicating enough attention to protecting their mobile devices or web accounts, is streamlining mobile logins using instant verification the best answer?”

Do you know all about security in 2016? Try our quiz!

Facebook Twitter Google + Linkedin
View 1 Comment
Hide Comments

Cancel reply

  1. Brian says:
    December 27, 2016 at 10:12 am

    Typical security ‘experts’ at work. You either use two factor authentication or you don’t. This watering down is just plain silly to say the least, lot better to just stick with secure password, and offer proper two factor authentication for those who want the extra security. Not everyone will!

    Reply

Register
to receive Silicon Mobile Roundup
Flight Delayed Over Galaxy Note 7 Hoax
Hacked Sony Music Tweets Britney Spears ‘Death’ Hoax
Related themes
Facebookloginsecuritytwo-factor authentication
#TrustOpen Red Hat

Where are you on your automation-journey?

...

What are the biggest advantages of Open Source?

...

Who drives innovation in your company?

...

powered by Red Hat

X
You may also like
 

Article by silicon.co.uk


Tales In Tech History: The Password
 

Article by silicon.co.uk


eBay 'Downgrading' Some Users' Two-Factor Authentication
 

Article by channelbiz.co.uk


Exertis Strengthens Security Portfolio with ESET
 

Article by channelbiz.co.uk


Juniper Positions Security as Priority For Channel
STAY CONNECTED
  • Follow us
    • Facebook
    • Twitter
    • Linkedin
    • Google +
    • Google Currents
    • IOS Application
    • Android Application
    • RSS
  • Newsletters
  • Connect
Services
  • IT Jobs
  • Your Account
  • 4G Zone – Test your coverage
  • Test Your Bandwidth
  • What is My IP address?
Sites
  • White Papers
  • Downloads
  • ChannelBiz
Legal notices
  • Sales and Advertising
  • Terms and Conditions
Stay in touch
  • About Us – Silicon UK
  • Contact us
NETMEDIAEUROPE
  • Brazil
  • Germany
  • France
  • Italy
  • Portugal
  • Spain
  • United Kingdom
  • WorldWide
NetMediaEurope © Copyright 2018 All rights reserved. Part of NetMediaEurope. About NetMediaEurope