What is two-factor authentication and how does it work?
Two-factor authentication is a security feature that helps protect your Facebook account in addition to your password. If you set up two-factor authentication, you’ll be asked to enter a special security code or confirm your login attempt each time someone tries accessing Facebook from a computer or mobile device we don’t recognize. You can also get alerts when someone tries logging in from a computer we don’t recognize.
Note: If you’re turning on two-factor authentication for the first time from a mobile device, you’ll be asked to turn on text message (SMS) codes for authentication. If you don’t want to use this authentication method, or you want to manage your different authentication methods, you’ll need to go to your Security and Login Settings from a computer.
To turn on or manage two-factor authentication:
- Scroll down and tap Account Settings > Security and Login
- Scroll down and tap Use two-factor authentication
- Tap the box next to Two-factor authentication
If you’ve successfully turned on two-factor authentication for your Facebook account, a checked box will appear next to Two-factor authentication at the top of your settings.
There are several authentication methods you can use with your Facebook account when logging in from an unrecognized computer or mobile device:
- Text message (SMS) codes from your mobile phone
- Security codes from Code Generator
- Tapping your security key on a compatible device
- Security codes from a third party app
- Approving your login attempt from a device we recognize
- Using one of your printed recovery codes
Keep in mind: You can use as many authentication methods as you’d like, but you need to have at least text message (SMS) codes turned on, or at least both a security key and Code Generator turned on.
Other Useful Resources
- If you haven’t saved the computer or mobile device you’re using, you’ll be asked to do so when you turn on two-factor authentication. This way you won’t have to enter a security code when you log in again. Don’t click Save this browser if you’re using a public computer that other people can access (example: a library computer).
- We need to be able to remember your computer and browser information so we can recognize it the next time you log in. Some browser features block this. If you’ve turned on private browsing or set up your browser to clear your history every time it closes, you might have to enter a code every time you log in.