Facebook has always been under criticism because of its bad practices that lead to privacy violations. It has been proved on various occasions that the social media giant doesn’t respect your privacy at all.
Facebook never misses an opportunity to take advantage of your personal data (including your 2FA phone number) in every possible way. Some researchers from Northeastern and Princeton universities published a research study back in May 2018.
The study proved that Facebook used your 2 Factor Authentication numbers to serve advertisements. This revelation drove a huge outrage from the users and consequently, the company had to change its policy. Facebook allowed its users to enable 2FA service without a phone number.
Last week another report revealed that Facebook is using your 2FA number for mining contacts. In other words, any Facebook user can use that number to look you up on the platform. Unfortunately, this feature is enabled by default and there is no way that you can turn it off.
Facebook Will No Longer Use Your 2FA Info For Mining Contacts
In addition, Michel Protti, the chief privacy officer of Facebook confirmed in an interview with Reuters that Facebook’s “people you may know” feature also relies on this number. It is worth mentioning that millions of people had no idea that their 2FA info is used for this purpose.
Thankfully, Facebook has now decided to stop this practice within the next few months. The change would affect users in Cambodia, Libya, Ethiopia, Ecuador, Cambodia, and Pakistan starting next week.
If you are one of those who have already provided your 2FA number to the social media platform, you should take some necessary actions. First, you need to go to your settings and delete your number manually. Now you can enter it again to register for the 2FA service.
Furthermore, it is highly recommended that you should use an authentication app to avoid these problems in future. Notably, Microsoft Authenticator or Google Authenticator don’t use your phone numbers for 2FA. These apps rely on a six-digit code that acts as an alternate password.