Sometimes you just need to borrow a computer to check Facebook. You may be in the school library or the computer lab. You may be at a friend’s house and want to show them a video or a post on Facebook. But can you trust the computer you are using? Does it have malware or a key stroke logger that can capture your username and password? How would you know? You may decide that the likelihood of this happening is pretty low. But what if you guessed wrong and some bad people have your account details. How would you know?
If an attacker were able to get your Facebook account details, they may want to use your account in ways that wouldn’t expect. They may merely want your account to spread commercial messages (spam) to your Facebook Friends. They may have more malicious purposes and try to get your Friends to try out a malicious Facebook App. Since they have access to your account, they are pretending to be you. Your Facebook Friends might not be able to tell that it’s not you. Since these message appear to come from you, you will have the burden of resolving any problems caused. It is simply better to protect your account from unauthorized access and avoid the unpleasant aftermath from losing control of your account.
Facebook provides two security tools that allow you to control access to your account from various devices. Login Approvals, which I covered in “Facebook Security: Using Login Approvals to keep bad guys out of your account“, sends a security code to you when your Facebook account logs in from a new computer or device. Login Notifications inform you when your Facebook account is used to login from a new, unrecognized device. Using these tools together, you can control your account access and to be informed when a new device is used to access it.
Login Notifications inform you when your Facebook account is accessed by an unrecognized device. Whenever you log into your Facebook account from a new device, you will be asked to give it a name. Once you do, Facebook will send you a text message and/or an email message telling you that your account was accessed from a new computer or device. If you were the person accessing your account, then you can ignore the message. If, however, it is not you, then the email message contains a link that you can click to secure your account and prevent the other person from using your account. If you are logged into Facebook when an unrecognized device is used to access your account, you will see a notification on the page and a message in your Notification drop-down menu. The notifications will have links for you to review the login and cancel it, if needed.
Enabling Login Notifications
Setting up your Facebook Account to use the Login Notification system requires that you register your mobile phone with Facebook. To register your mobile phone, check out my article “Facebook Security: Register Your Mobile Phone to Use Advanced Security Features“. Once you have that configured, you can receive codes from Facebook when you need to log into a computer that you do not own.
Setting up your Facebook Account to use the Facebook Login Approval system requires that you register your mobile phone with Facebook. Once you have that configured, you can request one-time passwords from Facebook when you need to log into a computer that you do not own.
- Click on the “triangle” drop-down menu in the upper right portion of the Facebook page.
- Select “Account Settings”. A new page will open.
- On the upper left portion of the Facebook page you will see a tab called “Security” with a gold badge icon next to it. Click on it.
- A list of security settings are presented. Look for “Login Notifications” and click on it.
- Select the methods by which you will be notified when your account logs into Facebook (email and text message) and click the “Save Changes” button.
Login Notification Considerations
Using the Facebook-provided tools for controlling access to your account can reduce the chances that someone can take over your Facebook account, but there are some things to remember when using these tools:
- With Login Notifications enabled for Email, you receive an email every time an unrecognized device is used to log into your Facebook account. If you suspect that someone is using your account without your knowledge, you can click the link in the email message to Secure Your Account. This will step you through the process of locking down your account to prevent misuse by others. If you enable text message notification only, there is no link in the message. You will need to log into Facebook and review the Active Sessions and remotely terminate access there.
- Private browsing (or “Incognito Mode“) is a web browser mode that does not save cookies, your browsing history, and other web privacy related information. Accessing Facebook using a private browsing mode will require you to approve your device every time you log into Facebook. You can either avoid using private browsing or approve the device every time.
- If you are already logged into your Facebook account through a web browser, you will see a notification when your account is accessed from another computer or mobile device. From the Notifications drop-down menu you can cancel access to that device.
Check our guide: Own Your Space, “A Guide to Facebook Security”