Heads up, Facebook users: there’s apparently a new security feature on the social networking site that may actually be very useful in preventing those pesky “phishing” schemes from harassing your Facebook friends in your name.
As announced in a CNN Tech article earlier this week, Facebook is adopting a security control very similar to what several financial institutions utilize to help protect your account: if you try to logon to the site from a computer or mobile device that Facebook doesn’t recognize from previous authorized visits, you will allegedly be prompted with a security question to help validate that it’s really you.
The idea is that a hacker won’t be able to answer the personal question, even if he/she has tricked you into revealing your password through a phishing attempt or something similar. It’s a pretty clever idea, and adds an extra level of security without proving to be a major pain in the neck.
My only problem was this: it wasn’t immediately apparent whether these changes actually went into effect. From the link above, I saw these instructions:
Facebook users must choose to activate this change. To do so, log in to Facebook and click the “Account” button at the top right of the screen. From that menu, select “Account Settings.” Scroll down to “Account Security” at the bottom of the page and click the link that says “change.”
The site asks: “Would you like to receive notifications for logins from new devices?” If you would like to receive such updates, then click the button by “yes.”
That’s all well and good, and I DO like the concept… But nowhere in there (or on Facebook itself when I followed those instructions) did it say anything about asking a personal question that you’ve pre-answered as a security precaution. It just says that you’ll be notified, either by email or by txt (SMS) message to your phone.
Fortunately, the day after I made these changes, I finally got the opportunity to login again and was prompted to name the computer that I was using… Then I got an email from Facebook notifying me that I had registered the computer as one of mine, and a txt msg alerting me of the same.
So far, so good. Take THAT, phishing scams!