Skip to main content
  1. Home
  2. Social Media
  3. News

Facebook improves your account security with new Delegated Recovery tool

Lulu Chang
By

facebook journalism grants login smartphone
Image used with permission by copyright holder
The only thing more frustrating than forgetting your password? Resetting it.

Between searching your spam folder for a reset link or trying to find a password you haven’t used before, current methods of resecuring your accounts are neither convenient nor particularly secure. But Facebook is looking to change that. At Monday’s USENIX Enigma Conference, Facebook security engineer Brad Hill announced that the social media giant launched an account recovery feature dubbed Delegated Recovery.

Recommended Videos

Debuting with a GitHub partnership, Facebook essentially hopes to take the place of your email account as your identity-management hub. This, the social media giant says, is safer than email because there is no end-to-end security guarantee, and often, the “security questions” you have to answer tend to be “inconvenient and risky.”

Related

So now, “Facebook will let users set up encrypted recovery tokens for sites like GitHub, and if a user ever loses access to her Github account, she will send the stored token from her Facebook profile back to GitHub, proving her identity and unlocking her account,” the company explained in a blog post. “Encryption of the token provides privacy — Facebook can’t read the information stored in the token, and it won’t share information about your identity with third-party websites.”

Beginning Tuesday, you can use your Facebook account to provide additional authentication as part of the recovery process at GitHub. In order to do so, you’ll have to save a recovery token with your Facebook account, which will be encrypted so Facebook can’t access your personal data.
“If you ever need to recover your GitHub account, you can reauthenticate to Facebook and we will send the token back to GitHub with a time-stamped counter-signature,” the company explained. “Facebook doesn’t share your personal data with GitHub, either; they only need Facebook’s assertion that the person recovering is the same who saved the token, which can be done without revealing who you are.”

Delegated Recovery is part of Facebook’s larger effort to improve account security, not only on their site, but across the web.

“We’re building this and giving it away because recovery is a problem every online service shares,” Hill said. “Recovery isn’t a product, it’s a foundation. Secure access is the foundation on which we build all our other products.”

Editors' Recommendations

Topics
Lulu Chang
Lulu Chang
Former Digital Trends Contributor
Fascinated by the effects of technology on human interaction, Lulu believes that if her parents can use your new app…
Meta’s new AI research may boost translations on Facebook, Instagram
Image with languages displaying in front of a man on his laptop for Meta's 200 languages within a single AI model video.

Facebook's parent company, Meta, announced a new AI model today that can translate hundreds of languages, and its research is expected to help improve language translations on its social media apps, specifically Facebook and Instagram.

On Wednesday, Meta unveiled its new AI model, NLLB-200. NLLB stands for No Language Left Behind, which is a Meta project that endeavors to "develop high-quality machine translation capabilities for most of the world’s languages." The AI model that came from that project, NLLB-200, can translate 200 languages.

Read more
The new ways Meta will pay you to make content for Facebook and Instagram
facebook hacked

Creators on Facebook and Instagram will soon have more ways to generate revenue from their content.

On Tuesday, Meta CEO Mark Zuckerberg shared via a Facebook post (and in a series of comments on that post), a few updates on monetization for creators on Facebook and Instagram. These updates included expansions to existing monetization options, as well as a few new ways to make money.

Read more
Microsoft Edge just got a new way to protect your privacy
Microsoft Edge Secure Network graphic.

Microsoft Edge just got even more secure. After a tease a few weeks ago, Microsoft has just officially announced the availability of Edge Secure Network, the new built-in VPN feature for the Microsoft Edge browser.

Though still in an experimental stage with a small audience using the Canary version of the browser, Microsoft hopes this feature can provide extra peace of mind when using Edge on unsecured networks. As with most other VPN services, this built-in Secure Network can mask your device's IP address, encrypt your data, and route it through a secure network that's geographically co-located.  This will make it harder for hackers and others with bad intent to see your true location. The company that provides your internet also won't be able to collect your browsing data for ads.

Read more