Recover password, Facebook wants to replace email

The social network wants to make it easier and safer to recover your password in case you forget it. Here's how it works recover password with Facebook

Not only social networks. Since a long time Facebook has accustomed us to innovations that concern not only its core business (posts, photos and shares, in fact) but also and above all the defense of privacy and security of Internet users. Several measures have been put in place in recent weeks, some of which also concern services external to Facebook.

If January 2017 closed with the releases of two-step authentication with cryptographic USB stick and a new privacy policy (on the occasion of Data Privacy Day 2017), February opens with a novelty that could affect a bit all Internet users (or, at least, those 2 billion or so who have a profile on Mark Zuckerberg's social network). Facebook, in fact, wants to replace security questions and secondary email addresses to recover lost or forgotten passwords. How? Simply by leveraging the credentials you usually use to connect to Facebook

How Facebook delegated recovery works

The system, called delegated recovery, will initially be tested on GitHub, a platform where software developers share their work and ask the community for help to test and improve it. How to recover passwords with Facebook? During the procedure to regain possession of your credentials, you can reauthenticate using the account of the social network and request to send a token (with time stamp) that will allow you to restore your profile and access it again. These operations, of course, will take place during a protected session and all data exchanged will be encrypted: in this way, even if someone would try a man in the middle attack, neither the Facebook password nor the unlocking tokens will be usable by cyber criminals.