Facebook single-use passwords beef up privacy -- until you lose your phone
Facebook has introduced one-time passwords to protect you when logging in from public computers -- but they open up a gaping security hole if you lose your phone.
Facebook is continuing its drive to tighten up security for members of its popular networking service. In the week of the release of phone., a film based on the early days of the site, Facebook has announced disposable passwords and remote logout. Single-use, one-time passwords will protect you when logging in from public computers -- but they open up a gaping security hole if you lose your
Checking up on your friends while out and about just became safer with one-off passwords. To request a password that will work only once, text OTP to 32665 from the phone registered to your Facebook account. Facebook will text you a single-use password that expires 20 minutes later, allowing you to happily log in on any public computer in a library, Internet cafe or crack house.
Security experts Sophos sound a notion of caution, however, that while single-serving passwords will protect you from keyloggers, they won't prevent malware from recording what's on your screen during your session.
There's also the risk that, even if you don't have a Facebook mobile app, someone could acquire your phone and use it to crack your account. The heinous blackguard could simply send the OTP text from your stolen phone and moments later have free reign over your personal information, messages and FarmVille row to hoe.
If you're worried that a cad and a bounder has logged in to your account, you can now check. The Account Security section of your settings shows where your account is accessible, including different browsers on computers you have used and apps on your phone, with the option of shutting down dodgy sessions.
Facebook has been forced to take action after a swell of recent controversy around privacy. Earlier this year, the social network. Just last week, Facebook added the ability to should you decide to delete your account. Today, the service also announced new, regular prompts, reminding users to keep their settings up to date.
To ensure you're as safe as houses, click Account at the top of your screen and choose Account Settings. When you're done, have a gander at the official CNET UK Facebook fan page. It's official, fun -- and officially fun!