Facebook is making two-factor mandatory for high-risk accounts

Facebook, a recently added subsidiary of Meta, said it will make two-factor authentication (2FA) mandatory for high-risk accounts likely to be targeted by malicious hackers.

The move is part of a major expansion of Facebook Protect, the social networking giant’s enhanced security program that’s intended to protect the accounts of people who may be at particular risk, like human rights defenders, journalists and government officials. The initiative helps these accounts adopt stronger security protections by simplifying security features — including 2FA — and providing additional security protections for accounts and Pages, including monitoring for potential hacking threats.

Facebook says it wants this feature to be used by all high-risk accounts, and is making it compulsory.

This means if a user identified by Facebook as high-risk does not enable 2FA once a set period has expired, they won’t be able to access their accounts. The company said users won’t permanently lose access to their accounts, but will need to enable 2FA in order to regain access.