Two-Factor Authentication (“2FA”/”TFA”) is the latest in security measure many online services have implemented and are implementing today. You probably encountered this or have been using it if you use any of these popular services:  Google;  HSBC;  Blizzard Authenticator;  Trion/RIFT Authenticator;  Garena Authenticator;  SOE Authenticator;  BioWare/SW:TOR Authenticator;  Yahoo; and the list is growing.
Facebook also implemented their own 2FA, however, it is confusing to activate it. So today I am going to guide you step-by-step on how to activate Facebook’s TFA and get an additional layer of security protection for your account. But what is it anyway? Here’s what Facebook has to say…
Get a coffee, a tea, or a drink and don’t forget the most important of all – your mobile phone. Ready? Hop in!
First things first, you need your mobile phone to take advantage of this feature, it doesn’t matter if it’s a regular phone or a smartphone. Facebook offers the traditional SMS method for non-smartphone users, and an Android app for well, Android powered smartphones. (Sorry, iOS based phones are not yet supported as of this writing.)
- Fire up your Google Chrome browser (yes, Chrome, you’ll know why later), and login to your Facebook account
- Go to
Security Settings: Down arrow besides Home > Account Settings > Security
- Look for
Login Approvalsthen click
Edit(note: If you use Mozilla Firefox, you probably won’t see this, otherwise continue to the next step)
- Check the checkbox for “Require me to enter a security code each time…” to start the activation process (note: If you use Mozilla Firefox, you might get an error. If you do, at this point you have no choice but to use Chrome as stated in Step #1 above, so go on, start from the beginning.)
- A message box will pop-up explaining what Facebook’s “Login Approvals” is about. It’s the same as what I showed you in the beginning of this article, so just click the
Set Up Nowbutton
- Facebook just sent you a random code via SMS text. If after a few minutes it still hasn’t arrived, follow the sub-steps below, otherwise skip to the next step:
- Go to
Mobile Settings: Down arrow besides Home > Account Settings > Mobile
- Make sure you have a confirmed mobile number attached to your account, add a mobile number if you have none and just follow the steps
- Make sure that your attached and confirmed mobile number is “Text Activated” as shown in the screenshot below. If it isn’t, simply activate it (on that same page) and follow the simple steps provided by Facebook
- Once done, go back to Step #6
- Go to
- After confirming your phone from Step #6, you will see a new pop-up box with “Success! Login Approvals are set up”, congratulations! Click
- Are you a smartphone (currently Android only) user?
- If you are, continue to our section on “Set up Code Generator” below
- If not, then click on
Not Now, you are finished with your setup
That’s it for everyone.
Set up Code Generator
What is Code Generator for anyway? Taking from Facebook:
Code Generator lets you approve logins even when you can’t receive text messages or access the Internet, by generating security codes directly on your smart phone.
Ready? Let’s continue:
- Continuing from the activation steps above, click on
- Go to Google Play (f. Android Market) and search for the official Facebook for Android app (the developer’s name for the app is no other than “Facebook”, install that one)
- Once installed, click
Nextand follow the instructions given to you, which is short and self-explanatory
- If it doesn’t work, just click the other option provided in the pop-up box in the previous step. You will be sent a URL via text to visit this URL: fb.me/cg, open it and follow the short instructions (again self-explanatory)
- After that, you’ll see this box “Success! Code Generator is set up”
- Click on
Test Code Generator
- Open Code Generator and enter the random code shown on it, then click
- If it says “It worked! Code Generator is all set up”, congratulations! Otherwise, go back to the previous steps and see where and what went wrong (in the first place, you shouldn’t have reached this step if it failed somewhere). And you’re done.
If you want to disable Code Generator, simply go to this URL while logged-in: fb.me/la.
Later, if you want to (re)-activate Code Generator, just go to
Security Settings (Down arrow besides Home > Account Settings > Security), click
Edit besides “Login Approvals”, click the link
Set up Code Generator, and follow the steps above.
Set up app passwords
You probably noticed it earlier, a link to “Set up app passwords”. These are unique passwords created for third-party apps so you can login to Facebook. Yes, you can not use your own password because it will trigger the Two-Factor Authentication process, which your third-party app doesn’t support at all / yet.
For example, you want chat to your Facebook friends via XMPP, you need to generate an app password to login successfully. Or instead of using the official Facebook app you are using another third-party app, you need to generate an app password for it.
You have the option of using the same app password for everything – but that is highly discouraged. The reason why you have to generate one app password per third-party app is so that you can track the software that can login to your account without the security layer 2FA offers. By having different app passwords, you can choose which app password to delete/terminate without affecting your other apps.
Your final Security Settings tab should look something like this now:
How-To Activate Facebook’s Two-Factor Authentication by Yuki is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License. Permissions beyond the scope of this license may be available at Legal Notice.