The security attribute – meant solely to authenticate your identity on the social media platform – might have left your telephone number open for others to see, even to advertisers to bombard you with their advertisements, USA Today reported Monday.
The debate was initiated by Jeremy Burge, who runs the website Emojipedia, stating numbers added to use two-factor authentication proved now searchable.
“Facebook 2FA amounts are also shared with Instagram which prompts you’is that your telephone number?’ When you add to FB. WhatsApp also shares phone numbers with Facebook. Facebook shares telephone numbers with advertisers,” said Burge at a succession of tweets.
“For many years Facebook claimed… adding a telephone number for 2FA was just for safety. It can be searched and there is no way to disable this,” Burge added.
Last September, Gizmodo reported that Facebook also uses security advice to target adverts.
In a statement to the Guardian, Facebook stated it’s been receiving questions regarding two-factor authentication and phone number settings on Facebook.
“Two-factor authentication is a significant security feature, and last year we included the choice to set it up to your accounts without registering a telephone number. Separately, the’Who can look me up?’ Preferences aren’t new and are not unique to two-factor authentication,” the statement read.
“In April 2018we removed the ability to enter another individual’s phone number or email address to the Facebook search bar to help locate someone’s profile.”
The 2FA security practice also attracted criticism from Facebook’s former chief information security officer Alex Stamos.
Facebook”can’t credibly require 2FA for insecure accounts without segmenting that from hunt and advertisements,” Stamos tweeted.