Facebook users are now better protected from unauthorized password changes
Facebook users are now better protected from unauthorized password changes and suspicious logins thanks to a new set of security features.
The first: if a user enters an old password that has since been changed, Facebook now tells the user when the password was changed and asks if the user remembers doing so. If they don’t remember, they are asked to verify their identity, and are prompted to reset their password or use the hacked account self-recovery tool.
The second change: if an account is logged into from somewhere distant from its usual login location, the person accessing the account will also be brought through the identity verification flow which instead of changing passwords involves identifying friends in photographs.
However, it’s not perfect. Some users have friends they can’t recognize by photo, or are prompted to identify people in photos that only include logos, pets, or other indistinguishable images — and they have been mistakenly locked out of their accounts by this identity verification method.