Facebook’s new tool looks to replace traditional two-factor authentication
Facebook today announced a new means of securing your online accounts. Delegated Recovery, as it’s being called, looks to be a step forward for those afraid of losing their devices when using two-factor authentication (2FA) — which, should be most of us. Facebook security engineer Brad Hill explained the fear surrounding 2FA to TechCrunch: No matter …
With Delegated Recovery, Facebook lets users set up an encrypted recovery token for sites like GitHub, and stores it at Facebook. If you lose the login information for GitHub, you’d simply log in to Facebook and send the stored token to the site to prove your identity and regain access.
So on the plus side if you lose your two-factor authentication device you'd have a way to get back into a site. On the downside, you're trusting Facebook to be your recovery method. This is arguably better than relying on email. However, if you simply use a two-factor app likeAuthenticator or your fears of losing your 2FA device can be mitigated and not even really need anything like this at all.