In a very welcome blog post last night, Facebook announced a range of new security measures aimed at reducing the level of account hijacking on the world’s biggest social network.
The headline feature is the introduction of one-time passwords on demand. So, if you want to log in to your Facebook account from a less-secure computer, for example a shared PC in a library or airport, then you will no longer need to use your standard Facebook password. Instead Facebook will send you an SMS containing a password that can only be used once and must be used within 20 minutes of being received. If you want to take advantage of this feature when it becomes available in your region, you’ll need to make sure you have a mobile phone number registered on your Facebook account, look in the Account menu top right, click Account Settings and check the Mobile tab.
Other features announced include the ability to see which computers, in which locations are currently logged into your Facebook account. So if you did leave that computer in Helsinki airport accidentally logged into your account, and the walk back is a little too far, you can remotely end that session averting the possibility of unauthorised account access (also maybe you’ll be able to tell if your mum is reading your private messages).
Finally Facebook have also undertaken to regularly prompt users to keep their security information up to date, so that in the event of a hijacked account the matter can be more quickly and easily resolved and legitimate, secure access to the account restored.
Regular prompting is good, don’t wait for Facebook to prompt you though, visit this page to update your information now (you can also add a mobile phone number here).
Kudos to the folk over at Facebook for taking account security seriously, good job.