Facebook social login and https security instituted

Facebook has put new security features in place -- but are they too secure? Image: Flickr / MoneyBlogNewz / CC-BY

On the same day that founder Mark Zuckerberg’s Facebook page appeared to be hacked, the site announced new security features. As with most Facebook changes, not everyone is happy. The social login is causing particular frustration with users.

Major Facebook hacking problems

In the past few days, Facebook has had several problems with hacking. Political protest pages and user’s accounts were being hacked, mainly from and dealing with users in Tunisia. Earlier today, Mark Zuckerberg’s page appeared hacked. The page was removed within minutes, but not before several screen shots had been taken by news outlets. Facebook has not released an official statement about the hackings but appears to be making some major changes.

Browsing Facebook with https

The HTTPS protocol that Facebook initially integrated in response to the Tunsinia hackings seems to have been made global. There is now an option to “browse Facebook using HTTPS whenever possible.” The HTTPS protocol is secure, though it also depends what kind of connection you use. Links posted to Facebook usually are not to HTTPS sites, so clicking a link while in that mode can be problematic from a security point of view.

Facebook social login

The social login security feature of Facebook appears to be good idea on the surface. If you are logging into Facebook from a new computer, Facebook could ask you to identify four or five of your friends’ faces from a multiple-choice list. The problem with this is that Facebook pulls the pictures of your friends that are “tagged,” and some photos are tagged with a person’s name who isn’t in the photo. You may end up having to identify your Facebook friends’ kids, pets or which “Simpsons” characters your friends think they are. In short, using the “tagging” system may not work well as part of a security feature, given how Facebook currently works.