Facebook on Thursday rolled out a new set of measures designed to further protect accounts more often targeted by hackers, including those of human rights activists, journalists and government officials, among others.
As part of this effort, Facebook is expanding its “Facebook Protect” program, first tested in 2018 ahead of U.S. elections, to countries around the world in order to protect highly targeted accounts from being compromised.
“It is a community of people that sit at very critical points in public debate and are highly targeted, just that for their protection they probably should be enabling two-factor authentication, and it’s widely investing so much in simplifying the process,” Nathaniel Gleicher, Facebook’s head of security, told reporters ahead of the announcement.
More than 1.5 million accounts have enabled Facebook Protect since September, and 950,000 of these accounts were newly enrolled in using two-factor authentication as part of participating in the program. The program is currently in place in around a dozen countries, and Facebook plans to expand it to more than 50 countries by the end of 2021, including India, the United States, Myanmar and Ethiopia.
“We need to be particularly careful as we increase security features’ adoption while also helping people not lose access to these accounts,” Gleicher said. “We plan to expand to these regions early next year, leveraging all that we’ve learned from the earlier waves to minimize risks of disruption while protecting critical voices around the world.”
As part of this, certain accounts of high-profile individuals will be required to implement two-factor authentication, which requires two steps for logging in and is seen as an essential component of cybersecurity.
Gleicher noted that only around 4 percent of Facebook monthly active users globally currently use two-factor authentication, which will not be made mandatory for anyone besides more high-profile users. In countries already using Facebook Protect, adoption rates of two-factor authentication for accounts required to enroll was at 90 percent within one month of the program rolling out.
“The need for this level of security is just getting higher and higher as threat actors get more and more agile at exploiting different types of openings in these systems,” Gleicher told reporters.
“I am not suggesting, and no one should, that two factor is a silver bullet or a perfect security protocol, by itself it is just one tool,” he said. “It is however a very effective tool that has shown to have significant impact on the exposure of accounts.”
-Updated at 7:48 p.m.