Another solution to prevent Facebook hack is an authenticator app

I recently wrote about how to reclaim your Facebook account after it’s been hacked (see But several readers said it’s not so easy to recover a Facebook account.

a sign on the side of the road: One way to reduce your chance of having your Facebook account hacked is to use an authenticator app.

© JOHN GREEN/Contra Costa Times/TNS
One way to reduce your chance of having your Facebook account hacked is to use an authenticator app.

They report that the recovery process Facebook offers its users is slow and sometimes doesn’t work at all. There’s no fix I can suggest for that, because Facebook is in control of when or if it returns hacked Facebook accounts to users. But I can suggest a way to reduce your chances of being hacked, or to improve your chances of account recovery if you are hacked: Add an “authenticator app” to the device on which you log in to Facebook.


Load Error

When an authenticator app is set up with a website like Facebook (see, it adds a layer of security that you won’t even notice. You’ll log in to the Facebook site with your username and password as usual, and Facebook will recognize both you and the device you’re using (computer, phone or tablet). The authenticator app only comes into play if someone tries to log into your Facebook account using an unrecognized device. Facebook then creates a temporary passcode (it lasts only 30 seconds) that’s based on some authentication standards and the time of day — but Facebook won’t tell anyone what that code is.

If the person using the unrecognized device is you, your authenticator app will calculate the same code in the same way, then display it so that you can type it onto the Facebook page. When the codes match, your identity has been “authenticated” and Facebook will allow you to sign in.

But if the person using the unrecognized device is a hacker (who has stolen your username and password), he or she won’t have the temporary passcode and won’t be allowed to sign in.

Wait a minute, you say. Isn’t this just a fancy description for the “two-factor authentication” that Facebook already offers — the company will text you a verification code that you can type into the website to prove your identity?

No. While authenticator apps are a form of “two-factor authentication,” they’re much…