Login approval is a security feature offered by Facebook that requires you to enter a special security code each time someone tries to access your Facebook account from a new device or browser. This extra layer of protection helps ensure that only you can access your account, even if someone else has your password.
What triggers login approval?
There are a few different scenarios that will trigger Facebook’s login approval feature:
- Logging in from a new device, like a new phone, tablet, or computer
- Logging in from a new web browser on a device you’ve used before
- Logging in from a new location or IP address
- When it’s been a while since you last used your account
Essentially, Facebook wants to double check it’s really you whenever something about the login seems unusual or out of the ordinary. This helps prevent hackers or other unauthorized people from accessing your account, even if they manage to obtain your password through phishing or other methods.
How does login approval work?
When login approval is triggered, you’ll be prompted to enter a special security code after entering your password. This code is sent to your primary contact method, which is either your registered email address or phone number.
Once you enter the code, you’ll gain access to your Facebook account. If you don’t enter the code within a certain time limit, you won’t be able to log in.
The next time you try to login from that same device and browser, you shouldn’t have to go through approval again. Facebook remembers that combination as trusted. But if you get a new phone, for example, you’ll need to enter a code again the first time you log in from it.
Enabling and disabling login approval
Login approval is optional on Facebook. Here’s how to turn it on or off:
- Click the down arrow in the top right and choose “Settings”.
- Click “Security and login” in the left sidebar.
- Under “Use two-factor authentication”, click “Edit”.
- Toggle “Require a security code to access my account” on or off.
If you disable login approval, the only thing standing between an attacker and your account is your password. Enabling the feature gives you an extra layer of security.
What to do if you’re locked out
If you’re unable to enter your login approval code for some reason, you have a few options:
- Wait for the code to expire, then try logging in again. You’ll be sent a new code.
- Use one of your backup codes if you set them up. These let you bypass approval.
- Go through Facebook’s account recovery process to regain access.
To avoid getting locked out, make sure your email, phone number and other recovery options are up-to-date in your Facebook settings.
Using backup codes
Backup codes let you bypass login approval in case you lose access to your primary contact method. Here’s how they work:
- When you first set up login approval, Facebook generates 10 single-use backup codes.
- Save these codes somewhere secure like a password manager or printed out.
- If you ever can’t get a code through email or text, enter one of the backups to log in instead.
- Each code expires once it’s been used.
Backup codes are optional. If you skip them, your only option is to go through account recovery if you lose access to your email/phone.
Using third-party authentication apps
Instead of getting codes through Facebook, you can use a third-party authenticator app like Authy or Google Authenticator.
To set this up:
- Download the app on your smartphone or tablet.
- Open Facebook and go to “Security and login” settings.
- Click “Use two-factor authentication” and select “Set up” under Authentication App.
- Follow the prompts to scan a QR code using the app.
Now when login approval is triggered, open the app to view your unique code instead of waiting for a text or email. This may be faster and more reliable.
Is login approval the same as two-factor authentication?
Login approval and two-factor authentication refer to the same Facebook feature. Some key things to know:
- “Two-factor” means you need two things to log in – your password plus a code.
- “Login approval” is Facebook’s name for its specific implementation.
- Enabling the feature adds an extra security check before accessing your account.
So in practice, “login approval” and “two-factor authentication” are interchangeable terms when talking about Facebook.
Pros and cons of login approval
Here are some of the key advantages and potential drawbacks of using Facebook’s login approval feature:
Pros
- Much better protection against password hacking or phishing
- Alerts you about suspicious login attempts
- Relatively easy to enable
- Backup codes help avoid lockouts
Cons
- Extra steps each time you log in from new devices
- Potential for lockouts if you lose access to your mobile device
- Requires keeping recovery options like email up-to-date
- Setup can be confusing for less tech-savvy users
Overall, the extra security provided by login approval is worth the minor inconvenience for most Facebook users. But it does require some responsibility on your part as well.
Best practices when using login approval
To get the most security benefit from login approval while avoiding headaches, keep these tips in mind:
- Add a mobile phone number – Getting codes by text is faster than email.
- Update your recovery email – You’ll need this if you lose access to your phone.
- Save backup codes – Print or store them somewhere safe like a password manager.
- Use authenticator apps – For quicker access to codes compared to texts/emails.
- Avoid public computers – Don’t enable approval from shared devices.
- Review login alerts – Check your email for suspicious activity.
Following these tips will help you enable login approval without shooting yourself in the foot down the road.
What does it mean if I don’t have the login approval option?
There are a couple reasons you may not see the login approval option under Facebook’s security settings:
- Your account is too new – Approval can only be enabled after some time on Facebook.
- You previously disabled the feature – If so, the “edit” button will be changed to “set up”.
- You’re logged in from an unauthorized device – Try a computer or phone where you regularly use Facebook.
- Your account was compromised – Hackers may have removed login approval.
If none of those explain the missing option, try updating the app or refreshing the page. If it’s still not there, contact Facebook support for help recovering and securing your account.
Should businesses use login approval?
Any business or organization with a Facebook presence should absolutely turn on login approval for their account. Here’s why it’s a no-brainer for Pages and Business accounts:
- Prevents costly account hacks and hijackings
- Stops employees from accessing tools after termination
- Gives you alerts about suspicious logins
- Helps comply with security best practices
- Offers protection if company passwords are breached
And because Pages have multiple editors, login approval provides accountability by signaling who is accessing the account and when.
The minor hassle of entering codes is nothing compared to the risks of a compromised Facebook account. Businesses ignore login approval at their own peril.
Managing approval for multiple team members
For businesses and other Pages with multiple editors, managing login approval can get tricky. Here are some tips to make it easier:
- Have each editor use their own individual Facebook account for access.
- Turn on approval at the Page level, not the personal account level.
- Create a shared inbox for getting the access codes.
- Use a team authentication app like Authy instead of individual texts.
- Document a system for tracking and distributing backup codes.
With some extra planning, you can make login approval work reliably for your entire team. And the added security is worth the effort.
Is login approval suitable for personal use?
Login approval is just as useful for regular personal accounts as it is for business Pages. Any Facebook user who wants more security should enable it by following these steps:
- Add your mobile number if not set up already.
- Go to Settings > Security > Login Approval and click “Edit”.
- Toggle on the approval requirement.
- Decide whether to generate backup codes.
- Check that email and phone recovery options are up-to-date.
As long as you have access to texts or an authenticator app, approval won’t interfere too much with daily Facebook use. And you’ll have peace of mind knowing your account is far more protected.
When is login approval especially recommended?
Here are some situations where using login approval is particularly advised for personal accounts:
- You use Facebook for work, finances, or other sensitive purposes.
- You’ve experienced suspicious activity or hacking attempts.
- Multiple people have access to or use your devices.
- You frequently log into Facebook from public, shared, or unfamiliar devices.
- You have reason to believe your password has been compromised.
For everyday users, login approval does require some minor adjustments. But it’s worth it for the massive security upside.
How does Facebook’s login approval compare to competitors?
Many major social media platforms and apps now offer some form of login or two-factor authentication:
| Platform | What they call it | How it works |
|---|---|---|
| Login Approval | Codes by text/email or authenticator app | |
| Two-Factor Authentication | Codes by text/email/authenticator app | |
| Login Verification | Codes by text/authenticator app | |
| Gmail | Two-Step Verification | Prompts on mobile, codes by text/authenticator app |
As you can see, the overall concept is very similar across platforms. The main differences are in the terminology and details of how you receive and enter the codes.
How does Facebook stack up?
Facebook’s login approval matches up well to competitors in functionality. Here’s how it compares:
- Offers standard text and app verification like most platforms.
- Also gives email as an option, which not all platforms allow.
- Provides useful account recovery options for lockouts.
- Generates handy backup codes to print and store.
- Allows easy toggling of the feature on or off.
Facebook hits all the major marks for a solid two-factor authentication system. For most users, it provides a good balance of security and convenience.
Can third parties require login approval?
In some cases, third-party apps or services that connect to your Facebook account may actually require you to enable login approval.
For example, banks, investment accounts, or cryptocurrency exchanges that offer Facebook login may force you to turn on two-factor authentication for added security.
Facebook also requires Pages with certain targeting capabilities, like housing or employment ads, to have heightened identity confirmation and account security to enable that targeting.
So if you come across the login approval demand from another service you use, that is perfectly standard. It simply means they are following security best practices in how they interface with Facebook accounts.
Are there any vulnerabilities in Facebook’s system?
There are a few weaknesses in Facebook’s implementation of login approval that attackers could potentially exploit:
- SMS text messages for codes can be intercepted through mobile carrier hacks.
- Email accounts can be compromised, blocking access to approval codes.
- If you lose your phone, you’re locked out unless you saved backup codes.
- Backups can be used by anyone if they are leaked or stolen.
- Authenticator app codes work even if your phone is stolen.
However, these vulnerabilities apply to all two-factor authentication systems that rely on SMS, email, or authenticator apps. And overall, login approval still offers far stronger protection than passwords alone.
How users can stay secure
To get the full benefit of login approval without introducing new risks, users should:
- Use authentication apps rather than SMS when possible.
- Keep mobile devices physically secure.
- Save backup codes somewhere private like a password manager.
- Add other recovery options like trusted contacts.
- Be alert for any suspicious account activity.
With proper precautions, Facebook’s system offers robust protection with minimal inconvenience to users.
Conclusion
Facebook’s login approval feature, also known as two-factor authentication, provides an important extra layer of account security. By requiring both your password and a unique code to log in, it ensures that only you can access your account, even if your password is compromised.
While enabling approval does add a few minor steps to the login process, it is well worth the additional peace of mind for both business and personal accounts alike. And with options like backup codes and authentication apps, the system strikes a good balance between security and convenience.
Overall, Facebook’s implementation matches up well to other platforms when it comes to key two-factor capabilities. Turning on login approval should be a no-brainer for any user who is serious about properly securing their account.