Facebook single-use passwords beef up privacy -- until you lose your phone

Facebook has introduced one-time passwords to protect you when logging in from public computers -- but they open up a gaping security hole if you lose your phone.

Facebook is continuing its drive to tighten up security for members of its popular networking service. In the week of the release of The Social Network , a film based on the early days of the site, Facebook has announced disposable passwords and remote logout. Single-use, one-time passwords will protect you when logging in from public computers -- but they open up a gaping security hole if you lose your phone.

Checking up on your friends while out and about just became safer with one-off passwords. To request a password that will work only once, text OTP to 32665 from the phone registered to your Facebook account. Facebook will text you a single-use password that expires 20 minutes later, allowing you to happily log in on any public computer in a library, Internet cafe or crack house.

Security experts Sophos sound a notion of caution, however, that while single-serving passwords will protect you from keyloggers, they won't prevent malware from recording what's on your screen during your session.

There's also the risk that, even if you don't have a Facebook mobile app, someone could acquire your phone and use it to crack your account. The heinous blackguard could simply send the OTP text from your stolen phone and moments later have free reign over your personal information, messages and FarmVille row to hoe.

If you're worried that a cad and a bounder has logged in to your account, you can now check. The Account Security section of your settings shows where your account is accessible, including different browsers on computers you have used and apps on your phone, with the option of shutting down dodgy sessions.

Facebook has been forced to take action after a swell of recent controversy around privacy. Earlier this year, the social network simplified its arcane privacy options . Just last week, Facebook added the ability to take your photos, messages and data with you should you decide to delete your account. Today, the service also announced new, regular prompts, reminding users to keep their settings up to date.

To ensure you're as safe as houses, click Account at the top of your screen and choose Account Settings. When you're done, have a gander at the official CNET UK Facebook fan page. It's official, fun -- and officially fun!

Tags:
Software
About the author

Rich Trenholm is a senior editor at CNET where he covers everything from phones to bionic implants. Based in London since 2007, he has travelled the world seeking out the latest and best consumer technology for your enjoyment.

 

Join the discussion

Conversation powered by Livefyre

Don't Miss
Hot Products
Trending on CNET

HOT ON CNET

See the world with Smithsonian Channel iOS app

Watch free videos and full episodes of original series and documentaries with the new app.