
According to a Facebook blog post, the two significant safety measures are:

- Login Notifications: You will be notified instantly by email and, optionally, by SMS. You will be asked to register all the devices you use, with a name for each one of them. When you log in from a new device, you will be asked to name the device, and a notification is immediately sent to the email address and mobile phone on file (as per your settings).
- Blocking suspicious logins: When the system detects suspicious login activity, it asks the user to answer some trivial questions that can identify the real user (like the birth date or the name of a friend). You are allowed to log in after correct identification. There is also an option to review the login logs and reset the password if something suspicious is found.

The first option is a no-brainer, but there could be some issues with the second one. First, it could get annoying if you are someone who logs in from many different places, including libraries, friends' machines, etc. Second, and most importantly for networkers like Robert Scoble, if you log in from an unknown location and Facebook's system deems it suspicious, the system could ask you to identify a Facebook friend's photograph. There is a high likelihood that you may not know the name of that person out of several thousand "friends", and your Facebook account will get locked. It is not clear whether it completely locks you out or still allows you access from trusted devices. Even though it is a good measure, it could get annoying at times from a convenience perspective.
If my banks can get security solid enough for me to do all my banking online then why can’t Facebook?!