Facebook has unveiled new measures to keep members secure when they log into its site. One is a temporary password; another is letting people sign out of Facebook remotely. Finally, it will also now regularly prompt members to update their security information. “Our new features are aimed at protecting people who log in from devices they don’t own as well as helping people who lose access to an account get it back quickly,” Facebook spokesperson Simon Axten told TechNewsWorld. Facebook members must have first listed a mobile phone number in their account information.
"The temporary password won't protect Facebook members from exposure to malicious links, Websense's Runald pointed out."
No, it won't. But it may protect their information if those malicious links lead to phishing sites, if the temporary passwords are required anytime one signs in away from their home computer (which would be a great security step). Take it from VeriSign (where I work): Facebook still needs extended validation ssl to cut down on phishing in a bad way -- there's really no better solution to showing users the difference between Facebook and FAKEbooks. Good to know that they're taking security more seriously, though.
Loading ...
This Facebook Password Will Self-Destruct in 20 Minutes
Posted by: Richard Adhikari October 13, 2010 12:00 PMFacebook has unveiled new measures to keep members secure when they log into its site. One is a temporary password; another is letting people sign out of Facebook remotely. Finally, it will also now regularly prompt members to update their security information. “Our new features are aimed at protecting people who log in from devices they don’t own as well as helping people who lose access to an account get it back quickly,” Facebook spokesperson Simon Axten told TechNewsWorld. Facebook members must have first listed a mobile phone number in their account information.
No, it won't. But it may protect their information if those malicious links lead to phishing sites, if the temporary passwords are required anytime one signs in away from their home computer (which would be a great security step). Take it from VeriSign (where I work): Facebook still needs extended validation ssl to cut down on phishing in a bad way -- there's really no better solution to showing users the difference between Facebook and FAKEbooks. Good to know that they're taking security more seriously, though.