Skip to main content

How to Enable Two-Factor Authentication on Facebook

December 14, 2016

How to Enable Two-Factor Authentication on Facebook

For the fifth day of the 12 Days of 2FA, we turn to the world’s largest social media platform: Facebook. Facebook calls its two-factor authentication “Login Approvals,” but the idea is exactly the same: signing in from a new browser will require something you have (like your phone) as well as something you know (your password), giving your account an added layer of protection.

Enabling 2FA on Facebook is a great opportunity to review your other security and privacy settings. EFF has noted confusing changes in Facebook’s privacy policy in the past, making it that much more important for users to be clear on what information is private or public by default, and where users have control over visibility. Also keep in mind what information may be shared among Facebook’s growing “family” of companies.

See below for steps to enable 2FA on your Facebook account.

  1. Click on the small downward-facing arrow in the upper right-hand corner to navigate to “Settings.” From there, click on “Security” on the left and select “Login Approvals.”

  1. Check the box “Require a login code to access my account from unknown browsers” to start the setup process.

  1. You will be prompted to enter your password before making security changes to your account. Enter it and click “Submit.”

  1. The first two prompts briefly describe how 2FA works on Facebook. Click through them to start and continue set-up.

  1. If you have not yet given Facebook you phone number, you will be prompted to enter it and add it to your Timeline. By default, this number is only visible to you, not to friends or others who can see your profile. Keep in mind that, regardless of the number's visibility settings on your profile, Facebook itself will have access to it.

  1. Shortly after clicking “Continue,” Facebook will text you a code. Enter it and “Confirm.”

  1. With 2FA setup complete, you have the option to “ease in” and cancel 2FA without your phone within a week. We recommend checking “No thanks” and securing your settings right away.

Back at your security settings, you can start using the Facebook app’s code generator, and get printable codes to keep in hard-copy. You can learn more about and generate app passwords—or, passwords for devices and applications that do not support logging in using a one-time verification code—from your security settings, as well.

Stay tuned for more posts on two-factor authentication during the 12 Days of 2FA.

JavaScript license information