Select your localized edition:

Close ×

More Ways to Connect

Discover one of our 28 local entrepreneurial communities »

Be the first to know as we launch in new countries and markets around the globe.

Interested in bringing MIT Technology Review to your local market?

MIT Technology ReviewMIT Technology Review - logo


Unsupported browser: Your browser does not meet modern web standards. See how it scores »

{ action.text }

Facebook is countering reports about scams affecting its users—and a rising user perception of insecurity—with new security tweaks and the release of statistics suggesting that most of its 800 million active users experience few problems.

The company is also announcing two new features. One generates passwords for your Facebook apps to protect your main account; another deals with a side effect of security—the lockdown of compromised accounts—by enabling your Facebook friends to help you recover an account.

While Facebook employs some of the highest-tech tools in the business, it is also one of the Web’s most attractive targets by dint of its size. 

“I feel pretty strongly that Facebook is the safest place for users to have their information on the Internet, without question,” Tao Stein, Facebook’s software engineer for site integrity, said in an interview.

The first feature the social network is announcing today is app passwords, which provides a separate layer of password security for Facebook apps. In part this is meant to improve an existing login security feature called two-factor authentication, which sends a text message to your mobile phone bearing a unique code that must be entered to complete the login.

While this can effectively block hackers who’ve gotten hold of your password, it also has a downside: if you use the feature, you have to repeat the process each time you want to use an app.

The second feature, called “trusted friends,” will make it easier to recover your account if it is shut down or if you lose your password.  If you can’t access your e-mail account to retrieve a new password, Facebook will send codes to a preselected group of friends so that they can pass the codes to you.

“Facebook seems to be introducing some sensible new controls; time will tell whether they are effective and strike the right balance,” says Maxim Weinstein, director of Stopbadware, a nonprofit antimalware organization in Cambridge, Massachusetts, that helps legitimate websites rid themselves of malware infections, among other things.

Facebook also released a detailed graphic with statistics on security problems. The company said 4 percent of links shared on Facebook are spam; only one in 200 users experience spam on any given day; and .06 percent of a billion daily logins each day are compromised. “We wanted to show the immense scale at which we operate and the immense challenge to secure three quarters of a billion users and to be smart about how we do it,” says Jake Brill, product manager for site integrity at Facebook.

5 comments. Share your thoughts »

Credit: Facebook

Tagged: Computing, Web, security, Facebook, hackers, phishing, identity theft

Reprints and Permissions | Send feedback to the editor

From the Archives


Introducing MIT Technology Review Insider.

Already a Magazine subscriber?

You're automatically an Insider. It's easy to activate or upgrade your account.

Activate Your Account

Become an Insider

It's the new way to subscribe. Get even more of the tech news, research, and discoveries you crave.

Sign Up

Learn More

Find out why MIT Technology Review Insider is for you and explore your options.

Show Me