In lieu of traditional email password recovery, Facebook will be introducing encrypted tokens that can be stored for a rainy day.
Brad Hill gives his two cents
Facebook engineer Brad Hill announced at the USENIX Enigma conference that a new step in personal cyber-security was underway. The interest in this new form of security back-up is due to the fallibility of email recovery protocols.
With email-based recovery, a perpetrator who gets into your email can potentially gain access to the accounts associated with it. Now, a site will be able to send you a Designated Recovery token to be stored in your Facebook profile.
Facebook can’t read the token, and should your phone meet an untimely demise, that token can be sent via your profile to restore login information.
The token test
Facebook will be rolling out a test run of Designated Recovery tokens through a partnership with GitHub.
To foster adoption of this new form of security, Facebook has posted the blueprint on its own open source site at GitHub.com.
Should Designated Recovery gain momentum, people may gravitate toward centering life around their Facebook profiles rather than conventional email, marking a major shift in Facebook’s personal use.