Facebook Enhance Online Security With One-Time Passwords

By Jamie Pert - Oct 13, 2010

Ever gone into an internet café or around a friends house only to realise that you have left yourself logged in, and frantically make that dash back to save yourself from being publicly shamed or even ‘faceraped?’ Facebook have been working on this and will try and make your life easier by introducing one-time passwords.

Facebook product manager Jake Brill revealed in a blog post that they are “launching one-time passwords to make it safer to use public computers in places like hotels, cafes or airports,” this means that if you are concerned about the security of the computer you are using while on Facebook, they can “text you a one-time password to use instead of your regular password.”

We have all been there, forgetting our passwords due to some brain malfunction or having to change it because one of your so called friends found out what it was, and decided to wreck havoc on your Facebook page.

To take advantage of this service, you must text “opt” to 32665. You will then receive a one-time password that will expire 20 minutes.

One a side note if you have been paying attention to Facebook’s account security settings, you will also notice that they have implemented a feature that tracks if you have logged in at an ‘unexpected location,’ which could be different from the one you usually log in from.

This would be a good way to tell if someone somewhere else is using your password.

Remember all those concerns about Facebook security? Looks like they are doing something about it.

Source: Information Week

Follow us on Facebook, Twitter or Google Plus.

Also See: LFC, Celtic Champions League Draw free on Facebook

  • Joseph A'Deo

    This is sorta like two factor authentication (I guess it's more like ONE factor authentication?), which combines a one-time keycode with something immutable (SSN, etc) to create an unbeatable, double-pronged password. It's a great idea for Facebook, but at VeriSign we're still asking why they haven't adopted extended validation SSL and forced it at log-in…the problems with phishing need to be curtailed not only at the credential level but at the browser level (ie, if you've got the green url bar in place, fake Facebook sites created for the harvesting of passwords will be rendered useless). It's definitely a step in the right direction, however, and should be noted as such.