Meta changed the way two-factor authentication works for Facebook and Instagram last year. You may have received notifications about this, but this one was easy to miss in the sea of red alerts on the platform. Okay, so what’s different? “All devices where you’ve used Facebook frequently over the past two years will be automatically trusted,” reads Meta’s updated settings page. Your smartphone and laptop may not require a 2FA code to log in unless you go to your settings and log out.
Over time, Meta has made several adjustments to the way it implements 2FA. In 2018, it started allowing 2FA codes generated by third-party apps. A few years later, the company started requiring more vulnerable accounts to activate 2FA protection. The company faces a tricky balance between making it easy to log into your account and protecting users from losing control over their online identity.
Enabling 2FA is an easy way to improve the security of any online profile, as it adds an extra level of difficulty for hackers trying to break into your account. “The role those two factors play is essentially to assume that at some point your password will become known to someone else,” said Casey Ellis, founder and chief strategy officer at Insect crowd, a crowdsourced security company that has previously worked with Facebook. “You have no control over when or how that happens.” For users, this fallback measure is often as simple as copying and pasting a quick code from a smartphone app, such as Google Authenticator.
Anyone with a social media account on Facebook or Instagram should enable two-factor authentication in their privacy settings. No shame if you haven’t done so yet, but do it right now by logging into your Account Centerclick Password and securityThan Two-factor authentication.
Now that you’ve got everything set up, here’s what’s changed with Meta’s 2FA process: It no longer activates everywhere you’ve frequently used Facebook or Instagram in the past two years, from previous-generation smartphones to discarded laptops.
What is the reason for this adjustment? “As part of our ongoing work to balance account security and accessibility, we’re letting people know that we will treat the devices they commonly use to log in to Facebook as trusted,” said Erin McPike, a spokesperson for Meta.