🔒 Setup MFA for Facebook
Last updated on : 2021-08-04
Rationale
What's better than just having a password to log in to your Facebook account? Having a second "lock" that only the account owner has access to! The idea of adding multiple "challenges" before allowing a user to log in to their account is called Multi-Factor Authentication (MFA), and next to having a Strong Password it is the best thing you can do to secure your account.
Following the advice in 🔒 Setup an Authenticator for Multi Factor Authentication for our online services, we strongly recommend also adding a second factor to your Facebook account.
Instructions
What you should know
The best practice is to treat your password as "something you know" and the second factor as "something you have". In this case your phone is the "something you have": we'll use the Authy authenticator app and its Time-based One-Time Password (TOTP) feature.
What you should prepare
What you should do
1. Add 2FA to your Facebook account
Log in to Facebook and follow the steps below. They are shown for the desktop site, but they are roughly the same in the mobile apps.
1. Go to the "Security and login" tab in the settings.
2. Click "Edit" next to "Use two-factor authentication".
3. Click the "Use Authenticator App" button.
4. A QR code will be shown. This QR code needs to be scanned by your Authenticator app to link your Authenticator to your Facebook account.
5. Open your Authenticator on your phone (e.g. Authy, or Bitwarden if you have a paid account), and go to the "Add Account" screen. On Authy, tap the three-dot menu in the top right and select "Add Account".
6. Click "Scan QR Code" and grant access to your camera if it prompts you for it. Aim your camera at the QR code until the Authenticator recognises it.
7. Give the account a name that you will recognise, and click "Save".
8. Back on the Facebook page, click "Continue".
9. To confirm that the setup was successful, Facebook will ask you for a code. Type (or copy and paste) the code your Authenticator shows into Facebook's "Enter confirmation code" prompt.
10. Facebook will ask you for your password one last time. Provide it and click "Submit".
11. That's it! You have now linked your Authenticator with your Facebook account.
2. Login to your Facebook account with 2FA
Now that you have set up your second factor, it will be required whenever someone wants to log in to your account. Merely having your password is no longer enough: to get into your account, someone would also need access to your Authenticator.
1. When you try to log in to Facebook, whether in a browser or on a mobile app, you'll first be asked for your account and password as usual.
2. Next, Facebook will prompt you for your "6-digit code".
3. Open the Authenticator app on your phone, select the corresponding 2FA account, and copy/paste or type the code it shows into the prompt from step 2.
4. To keep your account secure, select "Don't Save". This means you will be asked for the 2FA code each time you log in to Facebook from this device and app. If you are confident that the device itself is sufficiently protected, i.e. it enforces a strong password and is not at risk of being confiscated, you can decide whether the added convenience is worth the added risk and select "Save Browser" instead. Click "Continue", and you're in!