Facebook Adds Physical Security Key Support For Mobile Devices. Many industry insiders consider physical security keys used in the context of two-factor authentication login schemes to be the final word in digital security. That is because even if your password is compromised, if you’re using a physical piece of hardware that has to be inserted when prompted to complete the process, a hacker can’t breach the account in question without first having physical access to the key.
Facebook has supported physical security key 2FA for desktop environments since 2017, but iOS and Android users didn’t have that option until recently. Thanks to a recent announcement by Facebook, that has now changed that they were expanding their physical security key 2FA offering to support both product ecosystems.
Almost universally, privacy and security experts applaud this move. Far and away, the most common form of two-factor authentication in use today is the text code. You enter your password as you normally would, and then the site you’re logging in to send you a six or eight-digit code to your phone. You enter that code to complete the login process.
However, the problem with that approach is that text messages interception by determined hackers, making that form of 2FA not as robust or secure as a physical key. It’s still heads and shoulders better than not enabling 2FA at all. However, suppose you’re looking for maximum security with a minimally intrusive process. In that case, a physical security key will make your organization and the sensitive data you’re trying to protect that much more secure.
Kudos to Facebook for expanding their physical security key offering, and here’s hoping that other companies in the space follow their example in short order. Anything we can do to reduce the number of data breaches is a win.