In a significant update to its security protocols, Meta, the tech giant behind Facebook and Instagram, has revamped its approach to two-factor authentication (2FA), potentially affecting millions of users worldwide. The change, which was implemented last year but might have gone unnoticed by many due to the plethora of notifications on the platforms, aims to streamline the login process while maintaining high security standards.
According to Meta’s updated settings page, devices that have been frequently used to log into Facebook in the past two years will now be automatically trusted. This means that users may no longer need to enter a 2FA code to access their accounts from their regular devices, such as smartphones and laptops, unless they choose to opt out of this feature in their settings. This adjustment is part of Meta’s ongoing efforts to balance the ease of accessing accounts with the need to safeguard user identities online.
Since its initial rollout, Meta has continuously refined its 2FA system. The company started by enabling 2FA codes generated by third-party apps in 2018. Later, it began mandating that accounts deemed more susceptible to attacks—such as those of public figures or with a history of being compromised—activate 2FA protection. These measures underscore the tech company’s commitment to user safety in the face of evolving digital threats.
Enabling 2FA is widely recognized as an essential step in protecting online profiles. It adds an additional layer of security that can significantly hinder unauthorized access attempts. “The role two-factor plays is, basically, to assume that at some point your password is going to be known by someone else,” explained Casey Ellis, founder and chief strategy officer at Bugcrowd, a crowdsourced security company that has worked with Facebook. This acknowledgment of the inevitable risk of password compromise makes 2FA a critical fallback for users, often requiring nothing more than entering a code from a smartphone app, such as Google Authenticator.
Meta strongly encourages all users of Facebook and Instagram to activate two-factor authentication through their privacy settings. This process involves logging into the Account Center, navigating to the “Password and security” section, and selecting “Two-factor authentication.”
The rationale behind this newly implemented change is rooted in Meta’s ongoing efforts to create a more seamless user experience without compromising security. “As part of our continuous work to balance account security and accessibility, we’re letting people know that we’ll be treating the devices they frequently use to log in to Facebook as trusted,” stated Erin McPike, a spokesperson for Meta. This approach acknowledges the importance of making security features user-friendly while still protecting individuals’ online identities.
This latest update represents a fundamental shift in how 2FA is activated across devices that have been used to access Facebook or Instagram over the past two years, including older smartphones and laptops that may have been passed down between users. By treating these frequently used devices as trusted, Meta aims to streamline the login process for its vast user base, ensuring that accessing social media platforms remains both secure and convenient.
Source
