How-To Activate Facebook’s Two-Factor Authentication

How-To Security showcase

Two-Factor Authentication (“2FA”/”TFA”) is the latest in security measure many online services have implemented and are implementing today. You probably encountered this or have been using it if you use any of these popular services: [1] Google; [2] HSBC; [3] Blizzard Authenticator; [4] Trion/RIFT Authenticator; [5] Garena Authenticator; [6] SOE Authenticator; [7] BioWare/SW:TOR Authenticator; [8] Yahoo; and the list is growing.

Facebook also implemented their own 2FA, however, it is confusing to activate it. So today I am going to guide you step-by-step on how to activate Facebook’s TFA and get an additional layer of security protection for your account. But what is it anyway? Here’s what Facebook has to say…

Get a coffee, a tea, or a drink and don’t forget the most important of all – your mobile phone. Ready? Hop in!

First things first, you need your mobile phone to take advantage of this feature, it doesn’t matter if it’s a regular phone or a smartphone. Facebook offers the traditional SMS method for non-smartphone users, and an Android app for well, Android powered smartphones. (Sorry, iOS based phones are not yet supported as of this writing.)

Let’s begin…

    Steps #1 ~ #5

  1. Fire up your Google Chrome browser (yes, Chrome, you’ll know why later), and login to your Facebook account
  2. Go to Security Settings: Down arrow besides Home > Account Settings > Security
  3. Look for Login Approvals then click Edit (note: If you use Mozilla Firefox, you probably won’t see this, otherwise continue to the next step)
  4. Check the checkbox for “Require me to enter a security code each time…” to start the activation process (note: If you use Mozilla Firefox, you might get an error. If you do, at this point you have no choice but to use Chrome as stated in Step #1 above, so go on, start from the beginning.)
  5. A message box will pop-up explaining what Facebook’s “Login Approvals” is about. It’s the same as what I showed you in the beginning of this article, so just click the Set Up Now button

  6. Step #6

  7. Facebook just sent you a random code via SMS text. If after a few minutes it still hasn’t arrived, follow the sub-steps below, otherwise skip to the next step:

      Steps #6.a ~ #6.d

    1. Go to Mobile Settings: Down arrow besides Home > Account Settings > Mobile
    2. Make sure you have a confirmed mobile number attached to your account, add a mobile number if you have none and just follow the steps
    3. Make sure that your attached and confirmed mobile number is “Text Activated” as shown in the screenshot below. If it isn’t, simply activate it (on that same page) and follow the simple steps provided by Facebook
    4. Once done, go back to Step #6

  8. Step #7
  9. After confirming your phone from Step #6, you will see a new pop-up box with “Success! Login Approvals are set up”, congratulations! Click Next

  10. Step #8
  11. Are you a smartphone (currently Android only) user?
    1. If you are, continue to our section on “Set up Code Generator” below
    2. If not, then click on Not Now, you are finished with your setup

That’s it for everyone.

Set up Code Generator

What is Code Generator for anyway? Taking from Facebook:

Code Generator lets you approve logins even when you can’t receive text messages or access the Internet, by generating security codes directly on your smart phone.

Ready? Let’s continue:

    Step #9

  1. Continuing from the activation steps above, click on Continue button

  2. Step #10

  3. Go to Google Play (f. Android Market) and search for the official Facebook for Android app (the developer’s name for the app is no other than “Facebook”, install that one)
  4. Once installed, click Next and follow the instructions given to you, which is short and self-explanatory
  5. If it doesn’t work, just click the other option provided in the pop-up box in the previous step. You will be sent a URL via text to visit this URL:, open it and follow the short instructions (again self-explanatory)

  6. Step #13

  7. After that, you’ll see this box “Success! Code Generator is set up”

  8. Step #14

  9. Click on Test Code Generator
  10. Open Code Generator and enter the random code shown on it, then click Test Code
  11. If it says “It worked! Code Generator is all set up”, congratulations! Otherwise, go back to the previous steps and see where and what went wrong (in the first place, you shouldn’t have reached this step if it failed somewhere). And you’re done.

If you want to disable Code Generator, simply go to this URL while logged-in:

Later, if you want to (re)-activate Code Generator, just go to Security Settings (Down arrow besides Home > Account Settings > Security), click Edit besides “Login Approvals”, click the link Set up Code Generator, and follow the steps above.

Set up app passwords

You probably noticed it earlier, a link to “Set up app passwords”. These are unique passwords created for third-party apps so you can login to Facebook. Yes, you can not use your own password because it will trigger the Two-Factor Authentication process, which your third-party app doesn’t support at all / yet.

For example, you want chat to your Facebook friends via XMPP, you need to generate an app password to login successfully. Or instead of using the official Facebook app you are using another third-party app, you need to generate an app password for it.

You have the option of using the same app password for everything – but that is highly discouraged. The reason why you have to generate one app password per third-party app is so that you can track the software that can login to your account without the security layer 2FA offers. By having different app passwords, you can choose which app password to delete/terminate without affecting your other apps.

Your final Security Settings tab should look something like this now:


Donations for the magus

  • XLM (Stellar Lumens) 🚀🪐17: yukino* XLM (Stellar Lumens) 🚀🪐17: yukino*
    • XLM memo/tag (optional): for
    • Highly preferred
  • ZEC (Zcash) Z0.03: t1W7HusjBAXgquM7YHu6xDUEBejmYPKU2HC ZEC (Zcash) Z0.03: t1W7HusjBAXgquM7YHu6xDUEBejmYPKU2HC
  • XRP (Ripple) X5: rU2mEJSLqBRkYLVTv55rFTgQajkLTnT6mA XRP (Ripple) X5: rU2mEJSLqBRkYLVTv55rFTgQajkLTnT6mA
    • XRP memo/tag (required): 246013
  • STEEM: yahananxie STEEM: yahananxie
  • ETH_smartcontract (Etherium) Ξ0.007: 0x739d2aae2a5b7a4e1d64c58d121c9d908d706c83 ETH_smartcontract (Etherium) Ξ0.007: 0x739d2aae2a5b7a4e1d64c58d121c9d908d706c83
    • Gas: please use at least 35,000
    • Do not send non-smartcontract ΞTH and ERC20 tokens to this address.
  • ETH_ERC20 (Etherium) Ξ0.007: 0xB127362Dc268B63cE22E697344D2c51e673f18B6 ETH_ERC20 (Etherium) Ξ0.007: 0xB127362Dc268B63cE22E697344D2c51e673f18B6
    • Accepts non-smartcontract transactions and ERC20 tokens (in particular: AWC, ENJ, PAX, TUSD, USDC)
  • BCH (Bitcoin cash) ₿CH0.004: pp8fkmchlu6a7c53a2s682jd70mncrzemsthca6ftl BCH (Bitcoin cash) ₿CH0.004: pp8fkmchlu6a7c53a2s682jd70mncrzemsthca6ftl
  • XBT (Bitcoin core) ₿0.0002: 32w1De4wvr5jEzC4g5P4rkjvqg2bvMR8Vk XBT (Bitcoin core) ₿0.0002: 32w1De4wvr5jEzC4g5P4rkjvqg2bvMR8Vk

CC BY-SA 4.0 How-To Activate Facebook’s Two-Factor Authentication by ᜌᜓᜃᜒ (Yuki|雪亮) is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License. Permissions beyond the scope of this license may be available at Legal Notice.

Leave a Reply