A Facebook 2FA phone number search flaw makes more private information discoverable by others and users can’t opt out of it…
Facebook faces more user backlash as some people are now complaining about a flaw with its 2FA or two-factor authentication.
It’s a security measure which helps to protect people from hacks and other nefarious behavior. And, it’s used by many digital entities to help keep their members’ information safe.
But, lat year, Facebook users found it had a different purpose — to sell more advertising.
Facebook 2FA Flaw Allows People to Search Users’ Phone Numbers
In the fall of last year, a group of researchers from Northeastern University and Princeton University used real-world tests to demonstrate how Facebook deceives its users into giving up even more personal information. The social network harvests phone numbers from unsuspecting users through two stealth methods: two-factor authentication and “shadow contact information.”
Facebook used 2FA phone numbers to essentially grab contact information. Meaning, Facebook then targets others who haven’t directly turned over their phone numbers with ads.
Now, it’s been learned using the Facebook 2FA also allows people to search the site by phone numbers and there isn’t a way to opt out:
For years Facebook claimed the adding a phone number for 2FA was only for security. Now it can be searched and there’s no way to disable that. pic.twitter.com/zpYhuwADMS
— Jeremy Burge 🐥🧿 (@jeremyburge) March 1, 2019
Although users can still hide the phone numbers from the public on their profiles, it is possible to search them.
Furthermore, Alex Stamos, former chief security officer and now adjunct professor at Stanford University tweeted:
“This is why tech companies need somebody advocating for security as a first-class goal in product, which is a different function than good security engineering. FB can’t credibly require 2FA for high-risk accounts without segmenting that from search & ads.”