Facebook’s two-factor authentication comes under fire

Published on February 15, 2018

Facebook is implementing numerous changes to its system lately. In an attempt to enhance the user experience, the social media can be seen integrating newer features and greater security updates. On a similar line, the Mark Zuckerberg-led firm recently launched its two-factor authentication (2FA) system. This system is available on Facebook’s other subsidiaries as well, such as WhatsApp. However, the system has come under fire. According to numerous media reports, certain bizarre design elements have managed to end Facebook up in a dangerous situation.


According to a report published by The Verge, Bay Area software engineer Gabriel Lewis earlier this week noticed that Facebook was using the same smartphone number like him when it came to the two-factor authentication technology. For those who aren’t aware, the two-factor authentication technology helps individuals search for a more secure way to log into an online account. This activity is carried out by scouring for the user’s secondary information.

It helps in confirming the user’s identity.  Lewis found that when an individual reply to this message through Facebook, the system automatically posts the same message to their Profiles as well. Lewis is not the only one facing problems with Facebook’s two-factor authentication as many other users have taken to both, Facebook as well as Twitter to post complaints regarding the matter.

We don’t know for sure whether Facebook is affected by a bug. However, the auto-posting feature is being condemned as many to be a severe vulnerability. In a statement, a Facebook representative did not address whether the auto-posting of replies was intentional or a bug.

“We give people control over their notifications, including those that relate to security features like two-factor authentication. We’re looking into this situation to see if there’s more we can do to help people manage their communications,” the statement reads. “Also, people who sign up for two-factor authentication using a U2F security key and code generator do not need to register a phone number with Facebook.”

Enjoyed this video?
"No Thanks. Please Close This Box!"