As part of the company's effort to provide more security to its massive user base, social networking giant Facebook recently announced that it is rolling out a new recovery tool called Delegated Recovery. The new tool was released in collaboration with GitHub. This new feature will improve the NFC-based two-factor authentication method which Facebook released last week.
The Delegated Recovery method is under demonstration on GitHub. According to NDTV, the new tool uses encrypted tokens which are stored on the user's Facebook account. Should users lose access of their Facebook account, they can simply login to their GitHub account and recover the encrypted tokens in order to regain access.
Facebook claims that the tokens are fully encrypted, which means that even the company itself cannot access nor read any information that are stored therein. Facebook will be testing this new tool on GitHub in order to gather feedbacks regarding some unpatched bugs, as well as how to further improve the tool, according to Phandroid.
In a statement posted on its website, Facebook wrote, "If you ever need to recover your GitHub account, you can re-authenticate to Facebook and we will send the token back to GitHub with a time-stamped counter-signature."
Facebook is planning to release the new Delegated Recovery tool as an open source software. Moreover, Facebook is also looking forward to third-party partners to adopt this new security protocol in helping users recover their Facebook account.
Prior to the introduction of the new Delegated Recovery tool, the most common account recovery method is through the use of email or phone number verification. However, specially modified hacking attacks have proved that this recovery method has its limits and vulnerabilities as well. Facebook is offering an alternative option by doing the recovery method on its end by providing fully secured HTTPS connections.