Facebook’s Two-Factor Authentication

Facebook’s Two-Factor Authentication

Facebook’s Two-factor authentication is a security feature that helps protect your account in addition to your password.

Once you have set up Facebook’s two-factor authentication, if you (or someone else) try to log in to your account from a browser or mobile not previously recognised, you will be required to enter a special login code or confirm your login. You can also get alerts when this happens.

If you are yet to do this, do it today! Why?

We have noticed an increase in enquiry coming our way from potential clients whereby Facebook has recently disabled a Businesses Ad account when the owners of the page have not authenticated their profiles.

Furthermore, we recently had a situation where an ASX listed company asked for our help after almost losing their entire Facebook profile because of this.

Check out this case study. Note, names have been changed for privacy purposes:

John is the director of a ASX listed company and had lost all connection to their social profile. How did this happen? One of his staff, (let’s call him Craig) was an admin (not an employee) on the Business Manager as well as directly on the Facebook page. Because Craig did not have two-factor authentication set up on his personal Facebook profile, his profile was successfully hacked. The hacker was able to give himself admin access to all the Business Pages and Business Manager, then remove Craig along with all the other page admins. While Craig put in a case to Facebook to get his account back, he was unable to gain access to the company pages along with any of the actual company owners.

John opened a case with Facebook in early November 2020 and by February 2021, no resolution had been reached. Luckily, John found us, and with a little magic, a lot of paperwork and some very convenient connections, we were able to reinstall John to his Business page and get the hacker removed.

Why is this so serious? Apart from the obvious, not being able to control what is being said on their company page (and any number of damaging scenarios can be suggested here), they lost control of the Business Manager that housed the three year old Pixel and all its associated valuable data along with their Ad account!

Unfortunately, in this case, we had to sacrifice the Business Manager, but we were able to create a new one and set it up correctly. We ensured all staff had two-factor authentication on their accounts before being allowed access to any social assets, and only through employee access in the Business Manager.

Bottom line, this can all be avoided by simply adding two-factor authentication to your personal accounts and only giving people the access they really need to do their job, through the correct portals.

If you have not yet completed this, here’s our step-by-step guide to activating Facebook’s two-factor authentication on your account:


NOTE: If you are hacked, the first port of call is the bank! Cancel any credit cards that may be associated with you or your Business Facebook page. If you’ve ever “boosted” a post or advertised on Market Place – Facebook has your credit card details stored on your Ad account. Do not take a chance! Also, ensure you take notes on dates, times and process you may have followed. Ensure you make a note of any case numbers Facebook may supply – it’s easier to follow up existing cases, than start new ones (and less confusing for Facebook).