Skip to main content

How two-factor authentication works on Facebook

Updated today

Two-factor authentication is an additional security feature alongside your password that protects your Facebook account. We recommend enabling this authentication to protect yourself from potential hacking attempts.

Two-factor authentication requires you to enter a special login code each time. If someone tries to access your Facebook account from an unknown browser or mobile device, you must confirm this login attempt. In such cases, you may also receive login alerts.

How to enable and manage two-factor authentication:

  1. Scroll down to Use two-factor authentication and click Edit.

  2. Select the security method you want to add and follow the on-screen instructions.

When setting up two-factor authentication, you must choose one of three security methods:

Once two-factor authentication is enabled, you can generate ten recovery codes. You can use these if you do not have access to your phone. You can find more information here: Set up recovery codes.

Additional notes

  • If you have not saved the browser or mobile device you are using, you will be prompted to do so when enabling two-factor authentication. This way, you won’t have to enter a security code each time you log in again. Note: If you are using a public computer that others can access (such as in a library), please do not click “Save this browser” for security reasons.

  • Facebook needs to store your computer and browser data to recognize them the next time you log in. Some browser features may block this. If you are using private browsing mode or have configured your browser to delete history each time it is closed, you may need to enter a code every time you log in. Learn more about this here.

  • To set up two-factor authentication via SMS, you can use either an existing mobile number already added to your account or add a new one. Learn more about how Facebook uses mobile numbers for two-factor authentication here.

Did this answer your question?