For years, Facebook has given its users the option of protecting their accounts with two-factor authentication. Soon, the platform’s highest-risk users will no longer have a choice: The social network will require them to lock up their profiles with more than just a password. Good.
Facebook’s parent company, Meta, has required since last year that advertising accounts and administrators of popular pages turn on two-factor. It’s not the only platform taking this step; in May, Google announced a move toward making two-factor authentication the default for all of its users. And while Meta says that its current initiative applies only to the politicians, activists, journalists, and others enrolled in its Facebook Protect program, this seems like a sort of test for figuring out how to make two-factor authentication as easy as possible for everyone to turn on. Meta is also working to make sure it can help troubleshoot any related issues that may arise for users around the world.
We aren’t planning currently on rolling it out to everyone, but we can slowly expand within the communities where it’s most critical—communities where people could be most targeted and where the consequences would be most significant, Meta’s head of security policy, Nathaniel Gleicher, told reporters ahead of the announcement.