Facebook has joined the likes of Google and Dropbox with support for physical security key authentication on PC, as well as NFC-capable Android mobile devices. The social media giant has announced it now offers an alternative security measure to two-factor authentication that users can employ starting today, provided they have the necessary hardware, like a Yubikey.
On PC, the process of logging into Facebook this way is as simple as plugging a USB key into your computer and tapping on it after you’ve entered your password. The latest versions of the Opera or Chrome browsers are required to add a key to an account. On Android, you’ll need to have Google Authenticator installed, along with a device and key that both support NFC. The mobile app does not currently support security key login, however, so for the time being, opening the webpage in Chrome is the only option.
Facebook security engineer Brad Hill stipulated the benefits of physical authentication in a post on Facebook. The company’s implementation relies on the FIDO Alliance’s open Universal 2nd Factor standard already put in practice by a wide variety of companies and services, including Bank of America, Salesforce, GitHub, and Samsung Pay. This means the same key you use to log into Facebook will be interoperable with many other accounts as well.
What’s more, a physical key is a foolproof deterrent against phishing, because it doesn’t require the user to enter a code. “The hardware provides cryptographic proof that it’s in your machine,” Hill explains.
The only potential roadblock for Facebook users or companies looking to further secure their accounts on a PC is that many new ultraportable notebooks — including Apple’s MacBook and MacBook Pro — infamously lack USB Type A ports, the standard format by which most security keys operate. There is a dearth of USB-C-compatible keys on the market right now, though that should soon change. Yubico has announced it will begin selling one in February, which makes Facebook’s news rather well-timed.
