How to Enable (or Disable) Two-factor Authentication on Facebook
In the digital era, there’s very little that is more important than your online security. From maintaining your privacy to protecting your accounts and passwords, there’s always someone willing to take advantage of an improperly secured account.
Introduced by Google in 2011 for consumer accounts, Two-Factor Authentication (also known as 2FA or multi-factor authentication) was a response to combat account access issues. In 2020, we see 2FA as an option for nearly every account we access. From social media sites to banking logins, this added layer of security provides peace-of-mind while simultaneously alerting users if someone is trying to gain unauthorized access to their accounts.
Aside from standard security protocols (a really good password), 2FA provides a code to a secondary account or phone number before access is granted. When you’ve properly set up 2FA, you will receive an SMS or email message with a one-time entry code. Typically numeric, this code expires after several minutes and it is not related to your personal information in any way (it’s not your birthday or the last 4 of your SSN).
The reason 2FA is brilliant is that it’s unlikely that a hacker will have access to your cell phone while simultaneously having the password to your account.
2FA, like other forms of security, isn’t without its flaws of course. There may come a time when you’re actually safer doing away with the authentication than maintaining it. If someone does have your phone, they can easily log in to your Facebook account using the 2FA feature. Many times, all it takes is clicking ‘This was me” to bypass the unique and secure password you’ve set up.
This article will review how to set up 2FA on your Facebook account and also, how to remove it. We’ll also review a few other security features the social media giant has to offer.
How to Enable 2FA
If you don’t have 2FA enabled already, follow these steps:
Log into Facebook and select the arrow icon to access the Settings & Privacy menu. Then, select Settings again.
Select Security & Login in the left-hand menu.
Scroll down and click ‘Edit‘ to the right of ‘Use two-factor authentication.’
From here, you will need to sign in to Facebook using your current password again. Follow the prompts and assign the contact to receive your 2FA codes.
How to Disable 2FA
If 2FA is no longer working for you, you can disable it by following these steps:
Following the same instructions as above, log in to Facebook and head to the Security & Login page under the Settings tab.
Click ‘Edit‘ next to the 2FA option. Next, you’ll need to input your current Facebook password.
Now you can click ‘Turn Off‘ to disable two-factor authentication.
Now, follow the prompts to remove 2FA. Once complete, you can log in to Facebook without having a verification code.
Things to Know Before Activating 2FA
As stated above, 2FA is an excellent security feature, but there are some things you need to do first to make sure that you won’t have trouble logging in later.
2FA is so secure that even you (the account owner) may have difficulty logging in. The first thing you need to do before following the instructions below is to verify that all of your contact information is up-to-date.
Following the same instructions as above to access the 2FA settings, locate the option to choose your security method. Select ‘Manage’ next to your SMS option to update your phone number.
Keeping your phone number up-to-date is crucial not only to your security but also to your ability to gain access to Facebook on a new account. If this number is outdated, you won’t receive a security code effectively locking yourself out of your account. This should be done every time you change your phone number.
If you don’t have a phone number, or you don’t want to use 2FA anymore, you aren’t completely out of luck with added account security. Facebook offers quite a few security features to protect your account.
2FA Third-Party Verification Apps
A quick and easy alternative to the SMS 2FA option, you can set up and use a third-party authentication app. Google Authenticator is a popular and trusted application available for iOS and Android users, but you’re free to choose the app you feel comfortable with.
Follow the same instructions as above for updating your phone number, but this time choose ‘Manage‘ under the ‘Third-Party Authentication App‘ in the Facebook Settings.
Facebook will give you a scannable QR code and an alpha-numeric code to set up your third-party app. Follow the instructions and click ‘Continue.’
Now, you can log in to Facebook with 2FA without a phone number.
Unrecognized Login Alerts
Facebook offers alerts for unrecognized devices. If a new browser or Facebook app is detected, you will receive an alert. This is great because you can also deny entry right from your own device.
If you receive one of these alerts, it’s probably a good idea to change your Facebook password. But also, change your email password too. A hacker gained access somehow so it’s best to err on the side of caution and update both passwords.
One unique feature in Facebook’s security lineup is the option to use separate passwords for linked applications. If you’ve ever talked to anyone in I.T., you’ve likely been told to use a different password for every account. This is so important because if you have one or two passwords; that’s all a hacker will need to gain entry to multiple accounts.
Facebook offers easy login to multiple applications. From Tinder to your favorite mobile game. Going along with the ‘use multiple passwords’ mantra we hear so often, head to the Security and Login page just as you did before.
Select ‘Add‘ next to the ‘App Passwords‘ heading and begin creating new passwords for your linked applications.
How to Prevent Getting Locked Out
Assuming you’ve set up 2FA using one of the methods described above, Facebook does have a backup option to keep you from getting locked out. Even if you lose your phone or change the phone number, you can set one of these methods up to gain access.
Going back to the same Settings menu we’ve used to set up 2FA, scroll to the very bottom of the Login & Security page. Select one of the backup options available.
Recovery codes are an optimal choice because you can store them safely and access them any time you need to get into Facebook bypassing 2FA. Just beware, if anyone gets a hold of your security codes, they too can log in.
From this same page, you can also assign three Facebook friends to help you regain access if you so choose to do so. Setting these functions up before you run into login trouble is ideal. Once you’re locked out you’ll have to contact Facebook support using the ‘Trouble logging in?” button on the login screen. Then, you’re at the mercy of Facebook to respond and help you regain access to your account.
Frequently Asked Questions
Do I need 2FA?
2FA or a similar alternative is highly recommended, especially for Facebook. The social media site has access to a lot of your personal information you probably haven’t thought about for one thing. You don’t want a hacker having that information. Things like your location, identity, and even payment information are all stored within Facebook.
If your account is hacked, Facebook may take it upon themselves to completely deactivate your account. This means you won’t get your account back and you’ll lose all of your pictures, friends, and important memories.
What can I do if I can’t receive the 2FA code?
Assuming you don’t have a backup option set up and you no longer have access to the phone number on file, you’ll need to use an alternative method to log in. Your best option is going to be using a recognized device to get your security codes in the Settings.
If you don’t have a recognized device with you, you don’t have your security codes, and you don’t have access to one of the forms of contact listed on your account, use the ‘Trouble signing in’ option from the login page.
I can’t turn off 2FA on Facebook. What’s happening?
There are a few possible reasons why Facebook won’t let you turn off 2FA. If you have certain apps linked to Facebook one may prevent you from turning off the feature because it’s required for security purposes. Try removing any work or school apps that are linked and follow the instructions again.
If you are receiving an error, try another web browser to turn the security feature off because it could be an issue with the browser itself.
Assuming you’re using the correct password when logging in, you may need to contact Facebook support for more help. Generally, Facebook gives you no issues turning off this feature so if you are running into an issue it’s likely account specific which is why you’ll need the support team to help you out.
What do I do if someone else logged in and turned on 2FA on my account?
If you’ve already experienced an attack and the hacker turned on 2FA you aren’t able to log in until the matter is resolved. Fortunately, Facebook is prepared to help.
Visit this webpage to recover and regain access to your account so that you can turn off or manage 2FA.