Apparently, your Facebook profile can be searched with 2FA number
What's the story
Once again, Facebook's two-factor authentication (2FA) system is being criticized for overreach.
The feature typically upgrades account security using your number, but just recently, Jeremy Burge of Emojipedia discovered it also uses the same number to make your profile searchable.
So, if you think that people can't look you up using the number you've used for 2FA, you're wrong.
Here's more on the issue.
Feature details
First up, what is 2FA?
Facebook introduced two-factor authentication as an additional line of security for accounts.
Basically, it allows a user to add their number and then use it to verify every new Facebook login.
Meaning, when you've got 2FA on, you will have to enter the code received on your mobile number - after the regular step of entering username-password - to confirm that it's really you.
Issue
But, these numbers also make profiles searchable
Just recently, Burge, the founder of Emojipedia, noticed that the number added for 2FA security made Facebook profiles searchable, 9To5Google reported.
He found that anyone (by default), who has the number you have used for 2FA, will see you a suggested friend after uploading their contacts on the platform.
And, more worryingly, there's no way to disable this, at least fully.
Information
Here's what Burge said about the issue
"For years Facebook claimed adding a phone number for 2FA was only for security. Now it can be searched and there's no way to disable that," Burge said on Twitter, while claiming that 2FA numbers were also shared with Instagram and WhatsApp.
Solution
Here's what you can do to avoid this problem
As Burge noted, Facebook offers no way to disable 2FA phone numbers from being searchable.
But, you can tweak the whole setting designed to control who can look you up using the number you've provided to the social network.
The setting, available in the 'Privacy' tab, is set to 'everyone' by default and you'll have to change it to 'friends' or 'friends of friends'.
Previous issue
Also, this isn't the first case of 2FA's overreach
This isn't the first time Facebook has been accused of using 2FA numbers for more than security.
In September 2018, the company was found to be using 2FA numbers for the purpose of ad-targeting.
Currently, Facebook states numbers will be used 'to help secure your account and more' but Burge claims the last two words were only added after it drew flak for ad-targeting.
Twitter Post
Here is Burge's tweet
The original FB phone number prompt never mentioned "and more". It was shown for MONTHS before a link was added in September 2018 clarifying "actually we'll use this wherever we damn well please" pic.twitter.com/FcOTIZdVf5
— Jeremy Burge 🐥🧿 (@jeremyburge) March 1, 2019