Latest in Gear

Image credit: Busakorn Pongparnit via Getty Images

Facebook: Two-factor authentication spam was caused by a bug

The social network promises to roll out a fix in the next few days.
343 Shares
Share
Tweet
Share

Sponsored Links

Busakorn Pongparnit via Getty Images

A number of people have been receiving random notifications from Facebook after giving the social network their phone number for two-factor authentication. Worse, if they attempt to cancel that by replying to the message, say with STOP or CANCEL, Facebook would post their replies as a status update for all to see. Now, the social network has admitted that the issues were caused by a bug and promised to roll out a fix that will stop non-security-related notifications in the next few days.

Facebook Chief Security Officer Alex Stamos explained that the website didn't intentionally spam people who signed up for two-factor using their phone numbers. After all, Facebook doesn't want to deter people from signing up for 2FA. "[T]he last thing we want is for people to avoid helpful security features because they fear they will receive unrelated notifications," he said.

The exec has also revealed that responses to the notifications got posted as status updates due to an old feature that allowed posting via text message. Obviously, that's no longer as useful in a world where WiFi hotspots and mobile data are becoming more and more common. That's why Facebook is now working to deprecate that feature, so those sick of getting random notifications can rage-reply to them without having to worry that their friends would witness their meltdown.

Until Facebook rolls out a fix, those affected by the bug can go to Settings > Notifications to switch off text notifications. (That's what I did when I started getting these messages some months ago.) Those who'd rather not risk the same thing happening in the future can choose to use a physical key or one of those code-generating apps instead of giving their phone numbers to the social network.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
343 Shares
Share
Tweet
Share

Popular on Engadget

Netflix's 'Cowboy Bebop' production pauses after John Cho is injured on-set

Netflix's 'Cowboy Bebop' production pauses after John Cho is injured on-set

View
Nike puts an accessibility twist on its iconic Air Jordan 1

Nike puts an accessibility twist on its iconic Air Jordan 1

View
Alphabet’s Wing starts drone deliveries to US homes

Alphabet’s Wing starts drone deliveries to US homes

View
Boeing messages hint staff may have misled FAA about 737 Max

Boeing messages hint staff may have misled FAA about 737 Max

View
Judge refuses to block the release of ‘The Laundromat’ on Netflix

Judge refuses to block the release of ‘The Laundromat’ on Netflix

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr