Forgotten passwords are a daily occurrence for people around the world. With so many accounts from email to social media profiles to movie streaming apps and more, it can be tough to keep track of every password for every site.
In an effort to help simplify the recovery process for account access, Facebook has announced its new expansion of its Delegated Account Recovery tool. In a partnership with GitHub, users of the software development platform will now have the ability to use encrypted account recovery tokens on Facebook to gain access back into their locked accounts. After a GitHub user forgets their password, they can send a recovery token from Facebook to prove their identity, thereby replacing the traditional email account recovery process.
Through this beta program with GitHub, Facebook hopes to gain more users and reduce any cyberattacks that could occur with email account recovery.
Facebook security engineer, Brad Hill, shared how this new offering enhances the security process for the account recovery process. He said, “The system is designed to be resilient even to large-scale data dumps of email and user databases that have become too common. With independently held cryptographic keys needed to use them, recovery tokens offer a level of security that we don’t often see from email.”
While this offering is currently only available to GitHub, Facebook is looking to expand this to other websites.