The idea of 2-Factor Authentication (2FA for short) is pretty straight forward – if someone logs in from an unknown device, they want to make absolutely sure that it’s you and not some hacker that ripped your password off the dark web. Think of it as having two forms of ID.
Popular choices for 2FA include getting a code by text, email, phone call or Authenticator app. Texts and emails can technically be intercepted and the authenticator apps are pretty much the gold standard now. Facebook recommended their own in-app authentication for a while – and that’s where the problem comes in.
When your account gets hacked or an attempt is made, Facebook sometimes locks the account down. This means everyone is logged out – you included. What happens next has so far cost two business owners I know personally their Facebook account. Chances of retrieval? Slim at best.
The Facebook account reset process sometimes includes verifying drivers license or access to the email address on file. Ultimately a new password is set. So far so good – except when logging back in, Facebook wants the code from the app you’ve been logged out of. All attempts to reset password again lead to the same impasse and Facebook is zero help. The accounts seem to be stuck in permanent lockdown.
What can you do to protect yourself?
First of all choose a 2FA method that’s not Facebook -n popular choices are Microsoft Authenticator, Google Authenticator or the Authy app. Since this authentication method isn’t dependent on Facebook, you’ll have an extra layer of security without putting your account at risk of getting stuck. I also recommend using the Facebook ‘trusted friends’ option – a list of 3-5 Facebook Friends can be chosen that will verify that you’re you if worse comes to worse.