Skip to main content

Facebook Now Lets You Log In with a Physical Key

You should be using two-factor authentication on Facebook (and anywhere else that allows it), and the social media giant has announced that it is now supporting USB security keys using the Universal 2nd Factor (U2F) from the FIDO alliance.

Credit: Facebook/Yubico

(Image credit: Facebook/Yubico)

Facebook isn't the first service using U2F. Others include Google, Salesforce, Dropbox and GitHub. Pre-made keys can be purchased online for less than $20. One of the biggest manufacturers, Yubico, also makes keys with extra features such as NFC, USB Type-C support and the need to press a button to prove you're using the key. If you have the know-how, you can even make one yourself.

MORE: Facebook's New Privacy Guide Might Actually Help You

Emails or text messages transmitting two-factor authentication codes to legitimate users could potentially be intercepted en route, but U2F's encryption makes such compromise all but impossible.

The downside, however, is that you always need to carry the physical device with you -- which is why many are made to slip onto a keychain. Additionally, the only major web browsers that currently support U2F are Opera and Google Chrome, although Firefox is reportedly working on adding support. You also probably won't be able to use it with your mobile device. It might be best served as a backup to other forms of 2FA.

On Facebook, you can go to the "Login Approvals" section under your security settings to add a U2F key. Google's guide to adding U2F is here.