Facebook's Delegated Recovery Method Tries to Improve Upon Two-Factor Authentication

Advertisement
By Shekhar Thakran | Updated: 31 January 2017 12:36 IST
Highlights
  • Facebook has open sourced the feature for wider application
  • The tokens generated as part of this method are encrypted
  • The new feature is also eligible for company's bug bounty programs
Facebook's Delegated Recovery Method Tries to Improve Upon Two-Factor Authentication

Facebook has announced a new recovery tool, called Delegated Recovery, which aims to help users in improving their account security. The social media networking site has released the new feature in collaboration with GitHub in a limited manner in order to get customer feedback but has shared the protocol behind this feature so that more services can adopt the recovery design going ahead. Notably, the company last week added a NFC-based two-factor authentication, alongside support for physical security keys.

The Delegated Recovery method is being demonstrated on GitHub, and makes use of encrypted tokens that are stored in users' Facebook accounts. These allow users to get back into their GitHub account in case they lose access. As these tokens are encrypted, Facebook says that it cannot read users' personal information. The tool is said to be an additional authentication method that can supplement two-factor authentication.

Facebook Launches NFC-Based Two Factor Authentication Process for Added Security

"If you ever need to recover your GitHub account, you can re-authenticate to Facebook and we will send the token back to GitHub with a time-stamped counter-signature. Facebook doesn't share your personal data with GitHub, either; they only need Facebook's assertion that the person recovering is the same who saved the token, which can be done without revealing who you are," Facebook said in a note on its website.

Advertisement

The social networking firm says that going ahead, it wants to give users' the option of recovering access to their Facebook account using other accounts such as GitHub. The company wants to essentially improve upon the traditional password recovery tools such as security questions, which it says are inconvenient as well as risky.

"Recovery emails and SMS messages are common alternatives, and while they can get the job done, both are showing their age: neither offers the end-to-end security guarantees we expect from modern protocols," it added.

Advertisement

"GitHub maintains direct control of how it authenticates its users, how it assesses password strength and other risk signals, and how it deploys a diverse set of two-factor authentication methods.

So what do you do if you lose access to the phone number or security keys you use at GitHub? An email address alone can't provide the same level of two-factor authentication to recover access, so starting Tuesday, you'll be able to use your Facebook account to provide additional authentication as part of the recovery process at GitHub," the company elaborated on the motive behind the method.

Advertisement

The new feature has also been associated with Facebook's bug bounty programs to allow researchers to find out the existing flaws and vulnerabilities in the new recovery method. Considering that tokens for all supported websites will be stored in your Facebook account, it is likely to become a hub of users' online account information.

 
Post your comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Further reading: Facebook Delegated Recovery, Facebook Recovery Tool, Social, Apps, GitHub
Quark 2017: BITS Pilani Goa to Host Skill Development Workshops
Advertisement
Popular on Gadgets
Latest Gadgets
Popular Mobile Brands
#Trending Stories
  1. Nothing Phone 3a Pro 5G Long Term Review: A Blend of Style, Speed, and Power
  2. Oppo K13x 5G With 6,000mAh Battery Launched in India: See Price
  3. Boat Airdopes Prime 701 ANC With Up to 50 Hours Battery Launched in India
  4. BSNL 5G FWA Plans in India to Start at Rs. 999 a Month With 100Mbps Speed
  5. Xiaomi Mix Flip 2, Redmi K80 Ultra Set to Launch on This Date
  6. Asus V470VA All-in-One PC Review: A Stylish AiO PC For Everyday Work
  7. Redmi A4 5G Gets a New RAM and Storage Variant in India
  8. AI+ Pulse, AI+ Nova 5G India Launch Timeline, Design and Colours Revealed
  9. Nothing Phone 3 Full Specifications Surface Ahead of Its July 1 Debut
  10. These Samsung Galaxy Models Could Get One UI 8 Beta Update This Month
#Latest Stories
  1. Apple Reportedly in Talks to Acquire Perplexity AI to Strengthen Its Artificial Intelligence Efforts
  2. AI+ Pulse, AI+ Nova 5G Confirmed to Launch in India in July; Design, Colour Options Revealed
  3. iPhone, iPad Pages Updated With Energy Labels to Comply With New EU Regulations
  4. China’s Restrictions on Rare Earth Mineral Exports to Reportedly Adversely Impact Supply Chain Jobs in India
  5. Boat Airdopes Prime 701 ANC With Up to 50 Hours Total Playback Time Launched in India: Price, Features
  6. Huawei Mate XT 2 Launch Timeline Leaked; Said to Offer Satellite Connectivity
  7. Samsung Galaxy S24, Galaxy Z Flip 6 Tipped to Get Android 16-Based One UI 8 Beta Next Week
  8. Kabul Now Available for Streaming on Lionsgate Play: What You Need to Know About Political Thriller Online?
  9. Kubera OTT Release Reportedly Revealed: Where to Watch Dhanush Starrer Movie Online?
  10. BSNL 5G FWA Plans in India to Start at Rs. 999 a Month With 100Mbps Speed; Pilot to Begin in September
Gadgets 360 is available in
Follow Us
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2025. All rights reserved.