One of the newest Facebook security features includes a process by which you can wrangle three friends to confirm that you are the holder of your Facebook account, in the event that you forget your password and you cannot verify your Facebook idenity. If you forget your password and attempt to identify your account by entering your Facebook username, you’ll need to receive an email or text to help reset your password. If you don’t have access to your email or your phone, you can choose that you “No longer have access to these” and enter a new email address. From there, you’ll have to enter a security question. If you get stuck, you can have your friends help you out with the Recover Your Account Through Friends Feature.
Of course, hackers can beat these steps just as easily as you can’t remember your own security code. This next step, however, has been criticized for being gameable. Popular thought around this new security feature warns that hackers can infiltrate your account by asking you to add friends, who they can then select to help “recover” the account to gain access. It’s also been thought that your own friends can use collusion and approach your account as a group to hack your Facebook account.
The reality is that the process prevents just this type of collusion. You have to choose your friends one at time. You can choose any friend in Round 1; then, you’ll have a chance to choose another friend from Round 2, but you’ll have less friends to choose from. When I tested the security feature I chose two other Lockergnome staff to “help” recover my account. My third group included only Facebook friends composed almost entirely of high school and college friends that I have not talked to in years. No other Lockergnome staff was available to select, and very few “fans” of Lockergnome appeared on this third list, indicating that your choice of a third friend to help recover your account will likely have little to no connection, via Facebook, to your first two Facebook friends. This indicates Facebook has designed the security feature to prevent collusion by malicious friends or hackers who want to access your accountw without consent.
This also means that anyone attempting to “infiltrate” your Facebook friend list by requesting you to suddenly add a group of new friends will backfire, as these people will likely be connected well enough according to Facebook’s algorithm that the hacker couldn’t select more than one of them to “recover” your account. That said, the prevention of collusion means that this security feature will work well for those who truly need it as a last resort for accessing their Facebook when they can’t remember their password, email address, phone number, or secret code.