Facebook Trusted Friends and App Passwords security

Facebook is currently testing two new security features which they hope will add additional protection to its 800+ million community. Back on October 26th, Facebook announced the “trusted friends” feature to help users regain control of account and application passwords to prevent malicious third-party apps from accessing a users’ Facebook account data.

The “trusted friends” feature is designed for Facebook account logins. So, when a user is unable to log in to their account, Facebook will now be able to send the unlock code to a designated “trusted friend”. It is the responsibility of the “trusted friend” to forward the code to the locked out user (you). My primary concern here is, your designated friends now have the spare key to your account, which means if an attacker has compromised your Facebook account, the attacker would look to change the “trusted friends” setting – this would be my first port of call as an attacker.

App Passwords however, provides a higher level of password login protection for Facebook third-party apps. Many websites and apps now allow for single sign-on using your Facebook username and password, which if those sites/apps are compromised leaves your Facebook account vulnerable to an attacker. So, Facebook has developed Apps Passwords which will generate a unique one-time password that can be used the first time you authorize the app, as opposed to using your existing credentials.

The major problem with App Password is the lack of clarity. Privacy aware Facebook users will no doubt use this feature, but I’m guessing most of the community will not; don’t know about it or understand what it does; or will be unable to find it. When the new security features are live, I will post some screenshots on here and explain in more detail.

Safe surfing folks!
Julian

This entry was posted in facebook, privacy and tagged . Bookmark the permalink.

19 Responses to Facebook Trusted Friends and App Passwords security

  1. Shah aamir says:

    it is the same with me ,,coz i have deleted myrecognized computers list all !!
    & now it asks me to sign in from a recognised computer ,,but actually it has no recognized saved on it !! what can i do ??

  2. radium lamichhane says:

    dear sir, i have a big problem… i’ve deleted my phone number and my recognized software is broken. I am using another pc and i’m not getting access to my Fb account.
    CAN U HELP ME…………..
    PLZZZZZZZZZZZZZ

  3. Mudasir says:

    My account has been locked and is asking for the “confirmation code” which it will send on my cell number but i’m not getting the text soon and is taking more than day to reach on my cell, but when i’m trying to use that code after the day it is prompting either this code is wrong or expired, eventhough i’m able to change the password but on security checkh it is get halt,kindly suggest what to do?

    • Julian says:

      #Mudasir# I doubt Facebook will be able to help you in this instance. You will need to contact your cell phone provider.

  4. hy im lost my phone number on my faceboook Account i have new number The problem is how???? i can login in my account??? Bicause im lost my first number wher im ricever evry week when im login im facebook the code for login.in my Account I lost my number ! can help for login in my account wihtout Phone code?? Thanks

  5. Shah aamir says:

    it is the same with me ,,coz i have deleted myrecognized computers list all !!
    & now it asks me to sign in from a recognised computer ,,but actually it has no recognized saved on it !! what can i do ??

  6. muhamad alhajahjeh says:

    I am having this problem when you login to my account
    we don’t recognise the computer or device you’re using.
    You currently have no phones listed on your account
    Please note that I’ve delete all hardware and also the phone number from my account I did not know that this will happen
    I sent you all the documents you have requested me to prove identity
    Resolve the problem that I face when entering my account was not getting to the answer to solve the problem so far

    I am waiting for solution from the week

  7. Shahid Khan says:

    We don`t recognize the device you`re using. You currently have no phone listed on your account. Please log in from a recognized device to regain access to your account. Once you regain access, we recommend adding a new phone or disabling the login approvals feature. If you don`t have any other recognized computers, you can contact our User Operations team. I can`t get my code

    Plz Someone Help me To Restore My Account What Should I Do Now ? Please If Anyone Knows This Solution please email me on [email protected]

    I will be So much Thankful to you. as I have 10 pages linked with that account i dont want to loose them please me.. Facebook team also not responding me i need your help.

  8. to choose my trusted friends i need to login my account but to login my account i need the code but i cant get one now how am i suppose to access my account ?

  9. Rohan says:

    i hav the same problem…i got my cell back bt still how can i response to that msg and log in my acc. help me…

  10. rhedcuevas says:

    We don`t recognize the device you`re using. You currently have no phone listed on your account. Please log in from a recognized device to regain access to your account. Once you regain access, we recommend adding a new phone or disabling the login approvals feature. If you don`t have any other recognized computers, you can contact our User Operations team. I can`t get my code

    Plz Someone Help me To Restore My Account What Should I Do Now ? Please If Anyone Knows This Solution please email me on [email protected]

    Please help me..i will be so much thankful please

  11. Sejdina says:

    hi i have the same problem whit my logg in i delete my phone number and cant logg in is asking me to logg in from recognize device but i dont have one can anyone help me please i dont want to lose my account the same message is saying rhedcuevas and im really freacking out :((

  12. Ramu Giri says:

    Log in from a recognized computer.


    Didn’t receive your code yet? Sometimes SMS can be delayed for up to 12 hours.
    You can also login from a recognized device to approve this login.


    You are being asked to enter a security code frequently — this may be because your cookies are being erased by your browser settings. You can turn off ‘private browsing’ or change your browser settings by following the instructions here.

    You currently have no phone listed on your account. Please log in from a recognized device to regain access to your account.

    Once you regain access, we recommend adding a new phone or disabling the login approvals feature.

    Other options:

    Contact our User Operations team
    please help

  13. Kelly mcanally says:

    I’ve done everything possible to try to recover and restore and reset my facebook password nothing it seems to work I need some extreme help as soon as possible

  14. Marlene Taljaard says:

    Good morning,

    Please help me. I had a blackberry but it broke. Now I have a Samsung Galaxy Fame. I can’t log into my account. It tells me that my approval code will be send via sms shortly. I’m not receiving it at all. My cell number hasn’t changed…..only my cellphone.

    Can someone please help me. I’m struggling now for 2 weeks and is loosing out a lot on Facebook.

    Thank you.

  15. umme hany sultana says:

    I can’t submit my trusted friends confarmetion code because I don’t find the page where can i submit the code to recover my facebook id….
    so,what should i do???

  16. Ray says:

    Hello sir my face book as lock from the company I even don’t no why btw they send me the code on my mobile it’s too sad still not working also my cant upload my ID or something else coz it’s very personal for me please help me

  17. I’m trying to access my account & it’s says that I need to access my email to verify my identity, but it’s not sending anything to my email for me to confirm ! When I set up my Facebook I choose to have a txt message sent to my phone however I never received anything stating a password change, email change nothing! Once I tried to log in after selecting which account was mine , it tells me to try access my email. I have access to my email but Facebook hasn’t sent a link for me to verify!

  18. bev says:

    Where do my trusted friend go to get code

Leave a Reply

Your email address will not be published. Required fields are marked *