Facebook, continuing its efforts to help keep users safe and secure on the social networking site, is launching its Security Checkup tool today. The new tool includes account login status, login alerts and password safety features.
Login status is an important part of account security at Facebook. Users can log in to the site from multiple locations and devices, but they can also forget that they are logged in. The Security Checkup tool shows users where they are logged in so that they can see devices they have forgotten about—or potentially notice a login that is unauthorized. Unlike some online services, Facebook does not currently have a default timeout feature that will log a user out of the site after a period of inactivity.
Facebook credentials can also be used to gain access to third-party sites and applications, but this component is not part of the Security Checkup tool.
"This [login] section of Security Checkup only includes Facebook apps," Melissa Luu-Van, product manager at Facebook, told eWEEK. "Login permissions for third-party apps that use OAuth can still be managed in App Settings and/or reviewed in Facebook's Privacy Checkup."
Facebook Privacy Checkup is a separate tool that was launched in September 2014 as a way to help users with the configuration of privacy settings.
The new Security Checkup tool has an additional login capability, called login alerts. With login alerts, Facebook users can choose to be notified if an account login is attempted from a browser or device that has not been used to log in to the specific Facebook user account before.
The third element of the security checkup tool concerns password protection. "It includes tips and the option to change your password if you want," Luu-Van explained.
Facebook also supports two-factor authentication with a feature it calls Login Approvals, which has been part of the platform since 2011. With Login Approvals, users receive a text message with a unique code that needs to be entered into the Facebook login screen in order to get access. Luu-Van noted that the Security Checkup tool does not currently include an integrated option to enable two-factor authentication.
"People can still turn that on in Security Settings," Luu-Van said.
Another capability in Facebook's platform that the Security Checkup tool is not currently addressing is malware scanning on user systems. Facebook has multiple partnerships with security vendors, including ESET, F-Secure and Trend Micro, for malware scanning.
"Based on feedback from people who used Privacy Checkup and those who participated in the Security Checkup test, we know an easy, lightweight experience is critical for engaging with people who aren't already security-minded," Luu-Van said. "So the controls in this iteration of Security Checkup were chosen because they require minimal effort from people and still have high impact for enhancing security.
"We encourage people to share their feedback for what we can improve or add to future iterations," Luu-Van added.
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.