Facebook said it plans to add a new security feature that will allow mobile device users to reset their password so they can regain access to their accounts. Mobile password reset, which was announced Monday, will give mobile users the ability to identify their accounts and and choose which email addresses should receive …
facebook sms auth catch-22
i got locked out of my fb account because i have login approval required via phone but no phone number defined on profile!!!!!!
This happened because i deleted my phone number from my public profile but i didnt mean to also delete it from the login security section. However, when i changed my public profile, their stupid site also deleted the phone number from the security login approval section too, while keeping active the mandatory login approval via sms.
That results in a catch-22 scenario, i cannot login until i get a sms with an auth code, but i cannot get the code since there's no phone number listed to send the sms to.
Since there's no phone number left to send sms to, and i don't currently have a device that's already authorized (i run ccleaner weekly to clear cookies and other stuff) that effectively means their system gives me no other way to recover my account and they get to sit on and steal my private data without letting me have any say in it.
At least with Google's 2-factor auth sms security i have some printed recovery codes i can use, but they didn't give me any recovery codes to print.
And they dont want to turn off the mandatory sms auth (or restore the previous phone number or convert it to email-based auth) for accounts that no longer have a phone number listed. It's impossible to send a sms to a non-existing number.
As to my government-issued id, i'm NOT going to send that, because OF COURSE i didn't use the name that the government uses for me but i used the name most of my friends know me by.
On the plus side
You not longer have a facebook account.
No facebook account
If you do not have a Facebook account, it is impossible to lose access to it.
Pity it's too late for the News of the World ...
Slow news day
"Popular website copies trivial feature from desktop version to mobile version". Is this really newsworthy?
Removal of personal information
From what I understand, it is possible to request removal of personal information about you from Facebook, if you have an account. Such as photos you don't want public.
However, I'm damned if I can find out how one would even find pictures of oneself on Facebook, let alone request for them to be removed, without selling them your soul. I don't have a Facebook profile/account, and I don't want one.
I do not consent to my personal information, such as photographs of me, being made public on this web site. As far as I can tell I have no recourse whatsoever on this issue - and I certainly have no desire to give this company even more private details.
This, in my professional opinion is a fundamental breach of the UK's Data Protection Act and my right to privacy. Photos which include the subject's face are certainly 'personally-identifiable information' under the terms of the act. Under the terms of the act they must not transfer the information to other parties without my consent. That includes making them available on a public web site.
If such a facility does in fact exist, they have hidden it very well. Does anyone know more than me about this?
Depends if the user of the photo is considered to be FB itself, using it for business purposes, or the user of Facebook, in which case it's okay as photographs taken purely for personal use (including sharing with friends) are exempt from the Data Protection Act.
Facebook seem awfully keen to get people's mobile numbers, but of course they're doing this to help you, not to give them more opportunities to make money from you, oh no...
Just thought of something else!
How long before we start being swamped by advertising texts via FB??
Aha, yet another security breach vector...
So, someone can now steal my mobile phone, get my password reset and steal my FB identity...
Complete and utter bollocks
"If you are reporting something you don't like, we want to make it easy for you to communicate with the person who posted it, Muriello explained. “For example, if you don't like a photo of yourself that someone uploaded, you can use social reporting to ask that person to take it down.”
I befriended someone who claimed to play one of the facebook games after they posted a request on that games forum. I first reported them to facebook three weeks ago and I am flagging at least two or three posts a day of their links to a porn site.
I could unfriend them but I'm curious to see how long it takes facebook to remove someone for blatantly breaching the T&Cs
ran into FB's infamous mobile phone "verification"
I have a Facebook account -- yeah, yeah, I know -- which I use primarily for promoting my art and posting links to my latest pieces on my blog; no screwing around with games, no apps, and I'm only "friends" with people who are actual friends or who I've personally met in real life. That's about it.
When I finished setting up the account, it dumped me to the "verification" stage; while it supposedly gave me the option to verify by email, in reality the only choice I got was to verify by mobile phone. Needless to say, fat goddamn' chance that Facebook got my mobile number; it also didn't help that Facebook's mobile number "verification" request that landed in my email almost exactly mimicked a "phish". The result is that while I have a totally functional Facebook account, my page doesn't have a standard Facebook URL that's reachable by the rest of the Web -- which actually suits me fine.
In fact, now that I think of it, there's another reason I didn't give FB my mobile number: they could've looked it up and used the data in my mobile account as a basis to kick me off FB for not using my "real" name ("IT'S A TRAP!")
That's the same vibe I get when reading this article about FB dangling this supposedly keen-o, neat-o, whizzy feature in front of its users -- another attempt to scrape more data.
"IT'S A TRAP!"
re: identify by phone number
That's what God intended pre-paid phones for. Unlisted, anonymous and can be used for two-factor auth. Sure, the airtime is more expensive, but you don't use it for regular calls anyway. You don't even need a separate phone* ,you can use just the sim-card.
*)unless you want to hide from FBI / telco as well, not just from FB. Those can see your hardware id.
- Does Apple's iOS 7 make you physically SICK? Try swallowing version 7.1
- Fee fie Firefox: Mozilla's lawyers probe Dell over browser install charge
- Pics Indestructible Death Stars blow up planets with glowing KILL RAY
- Hands on Satisfy my scroll: El Reg gets claws on Windows 8.1 spring update
- Video Snowden: You can't trust SPOOKS with your DATA