Facebook is facing a new wave of criticism for two-factor authentication shenanigans

Facebook is facing a new wave of criticism for two-factor authentication shenanigans
The world's most popular social network has become by far the most controversial tech company too lately, taking a lot of flak for exploiting pretty much every single dubious data harvesting and user privacy violating trick in the book. Somewhat ironically, the newest controversy surrounding Facebook's dubious practices focuses on something that's not entirely new.

But after doing a little digging, Emojipedia's Jeremy Burge has discovered a number of deeply disturbing things not many Facebook users might be aware of. First and foremost, there's a good reason to suspect the social networking service's two-factor authentication feature is about further weakening user privacy much more than it is about strengthening security. Two-factor or 2FA authentication in itself is a great way to ensure someone trying to hack you needs to clear several hurdles before doing so, but Facebook seems to have an ulterior motive for pushing you to better protect your account.

The phone number you may occasionally be asked to verify as a backup Facebook login is actually also used as a "look up" method for "friends" to be able to track you down... by default. In other words, people can search for your phone number on Facebook and associate that to your name and other information, even though the purpose for which you shared your number with Facebook in the first place was entirely different.

What's even worse than the fact this is a standard, default practice is that you can't opt out of the look you up "feature" from the settings menu. All you can do is restrict the information to the eyes of your Facebook "friends" or "friends of friends" rather than "everyone." Of course, 2FA authentication is not mandatory (at least not for personal profiles), but if you've already set up the "security" feature, there seems to be nothing you can do to prevent Facebook from using your phone number in several shady ways. 

That doesn't just include this "look up" setting, but also advertiser sharing and basically combining your Facebook, Instagram, and WhatsApp profiles to "link your identity across every platform on the internet." While some would call that convenient, others are viewing with skepticism or outright horror. It's essentially what Mark Zuckerberg wants to make official in the near future by merging the tech giant's Messenger, WhatsApp, and Instagram services, but it's something industry regulators around the world are looking to prevent from happening.

FEATURED VIDEO

1 Comment

1. lyndon420

Posts: 6827; Member since: Jul 11, 2012

I don't think anyone is really surprised by this. When Zuckerberg implemented 2FA I knew it wasn't going to be for full security reasons.

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at https://www.parsintl.com/phonearena or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit https://www.parsintl.com/ for samples and additional information.