Starting today, users can set up two-factor authentication and log into Facebook on iOS and Android mobile devices using a security key. These physical security keys — which can be small enough to fit on your keychain — notify you each time someone tries accessing your Facebook account from a browser or mobile device that's not recognized. Facebook will ask you to confirm it's you with your key, which attackers don’t have.
Who Needs a Hardware Security Key?
Since 2017, we’ve encouraged people that are at high risk of being targeted by malicious hackers: politicians, public figures, journalists and human rights defenders. We strongly recommend that everyone considers using physical security keys to increase the security of their accounts, no matter what device they use.
Where Can I Get a Security Key?
You can purchase security keys directly from companies that make them (Facebook doesn’t manufacture hardware keys). The keys can either work through Bluetooth technology or by plugging it directly into your phone.
How Do I Set up a Security Key on My Facebook Account?
You can enroll your security key in two-factor authentication within the Security and Login section of your Settings.
For more information on how to enroll in two-factor authentication with a security key, please see the support document linked below.