Why Keeping Almost 2 Billion Facebook Accounts Safe From Hackers Is So Hard

Facebook serves almost 2 billion users, more than a billion of them daily. Those users are spread all over the world, and each of them has an account. Most of those accounts are protected only by a password, which means that a malicious person who knows your email address needs only one more piece of information to steal your account. Facebook has the difficult job of working out how to prevent that without inconveniencing or confusing all those users, whose cultural norms and computer literacy vary widely.

One of Facebook’s security features is two-factor authentication, which you may have heard of. 2FA (the common abbreviation) can protect your account even in the event that someone obtains your password. 2FA is usually implemented via SMS messaging or a secure app like Google Authenticator, although the gold standard is a physical second factor. The details change from service to service, but the general 2FA process works like this: 1) You enter your username and password. 2) The website or app takes you to another screen, where you’re asked to enter a one-time code generated by your second factor. Voila, you’re in!

But remember Facebook’s billions of diverse users? Not all of them are conscientious enough to read the fine print. It turns out that you can enable 2FA without really knowing what you’re doing, and end up locked out of your account. Facebook wants to prevent that almost as much as it wants to keep hackers from swarming the platform.

So the company offers users who enable 2FA a week-long grace period to decide whether they really, truly want it. It’s optional, but selected by default. Before the grace period is up, users can choose to log in as normal, with just their password. Doing so turns off 2FA.

Not everybody thinks that’s a great idea.

To a certain extent, this defeats the purpose of setting up 2FA in the first place. An attacker can still get into your account just by using your password, if they manage to strike within the grace period.
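The grace-period policy described above, modelled as a small sign-in state machine so the exposure window is visible. This is an added example, not the article's or Facebook's code; the enrollment time, the sample password and the three-day and nine-day password-only attempts are constructed assumptions.

```python
import hmac
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional, Tuple

GRACE_PERIOD = timedelta(days=7)  # the week-long window the article describes


@dataclass
class Account:
    password: str                      # plaintext only to keep the model small
    two_factor_enabled: bool = False
    grace_until: Optional[datetime] = None  # None: no grace period running


def enable_2fa(acct: Account, now: datetime, grace_period: bool = True) -> None:
    """Turn on 2FA. grace_period=True mirrors the default-selected option."""
    acct.two_factor_enabled = True
    acct.grace_until = now + GRACE_PERIOD if grace_period else None


def login(acct: Account, password: str, now: datetime, otp_ok: bool) -> Tuple[bool, str]:
    """Evaluate one sign-in; otp_ok says whether a valid one-time code was supplied.
    Returns (success, reason) and applies the side effect the article describes:
    a password-only login inside the grace period succeeds and switches 2FA off."""
    if not hmac.compare_digest(password.encode(), acct.password.encode()):
        return False, "bad password"
    if not acct.two_factor_enabled:
        return True, "password only (2FA off)"
    if otp_ok:
        return True, "password + second factor"
    if acct.grace_until is not None and now < acct.grace_until:
        acct.two_factor_enabled = False   # the grace-period opt-out, taken implicitly
        acct.grace_until = None
        return True, "password only inside grace period; 2FA now disabled"
    return False, "second factor required"


def simulate(grace_period: bool) -> Tuple[bool, bool, bool]:
    """Enroll, then replay two password-only attempts (constructed scenario):
    three days and nine days after enrollment. Returns
    (day-3 success, day-9 success, 2FA still enabled at the end)."""
    t0 = datetime(2017, 5, 1, 12, 0)             # constructed enrollment time
    acct = Account(password="correct horse")      # constructed sample credential
    enable_2fa(acct, t0, grace_period)
    ok_day3, _ = login(acct, "correct horse", t0 + timedelta(days=3), otp_ok=False)
    ok_day9, _ = login(acct, "correct horse", t0 + timedelta(days=9), otp_ok=False)
    return ok_day3, ok_day9, acct.two_factor_enabled
```

With the default grace period, the day-3 password-only login succeeds and leaves 2FA permanently off, so the day-9 attempt succeeds too; with the grace period declined, both attempts are refused and 2FA stays on.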

