Skip to main content

After hacks, Facebook unlocks new security mechanisms

Mark Milian
Facebook CEO Mark Zuckerberg's public page on his website was hacked this week.
Facebook CEO Mark Zuckerberg's public page on his website was hacked this week.
  • Facebook adds a security feature that asks you to identify friends in pictures
  • The social networking site is also adding the option of secure Web browsing
  • These additions come after a pair of high-profile hacks on the site this week

(CNN) -- Facebook is adding new security features, which come after a pair of high-profile cracks in the site's defenses that surfaced this week.

One new mechanism is called "social authentication." To combat spam and prevent strangers from weaseling into your account, the system will sometimes show the user a friend's headshot and ask to match a name to that face.

This multiple-choice photo quiz is a new take on a common Web system called Captcha.

The older method displays a picture of some squiggly letters and asks you to type those on the keyboard. It's used for verifying that a site's user is a person and not a computer program looking to exploit systems.

Facebook reduced spam from partners' applications by 95% last year, Bret Taylor, the company's technology chief, said at a conference this week. The social networking giant currently employs Captcha technology, but this new method could supplant that.

Adding this human touch could not only combat robot intruders but also weirdos who try to thumb through your account after you forget to log out of the library computer.

"The vast majority of people who have used Facebook have never experienced a security problem," Alex Rice, a Facebook security engineer, wrote on the company blog. "However, if we detect suspicious activity on your account, like if you logged in from California in the morning and then from Australia a few hours later, we may ask you to verify your identity so we can be sure your account hasn't been compromised."

Facebook also started rolling out the option to securely browse the social networking site using a secure connection.

Like the technology used by banking and some e-mail services like Gmail and Hotmail, this defense encrypts all information to and from Facebook so that it's much harder for someone to eavesdrop on the Wi-Fi line.

"With a little motivation and not much skill, it's fairly trivial to sniff HTTP traffic," Alan Ross, the lead security analyst for Intel IT, told CNN in November. "Maybe I want to see all Web traffic for Facebook because I want to see what the interesting person across the cafe is updating on Facebook."

Soon, Facebook account holders concerned about hackers can turn on the "secure browsing" option in their settings panel.

Two Facebook users in particular should be advised to opt in to the feature. Mark Zuckerberg, the company's CEO, and French President Nicolas Sarkozy were both victims of intruders on their Facebook pages this week.


Most popular Tech stories right now