Connect with us

Hi, what are you looking for?


Facebook Unveils ‘Delegated Recovery’ to Replace Traditional Password Recovery Methods

short form content news
How do you reset the password for your Facebook account if your primary email account also gets hacked?Using SMS-based security code or maybe answering the security questions?

Well, it’s 2017, and we are still forced to depend on insecure and unreliable password reset schemes like email-based or SMS code verification process.

But these traditional access recovery mechanisms aren’t safe enough to protect our all other online accounts linked to an email account.

Yahoo Mail can be used as an excellent example.

Once hackers have access to your Yahoo account, they can also get into any of your other online accounts linked to the same email just by clicking the link that says, “Forgot your password?”

Fortunately, Facebook has a tool that aims to fix this process, helping you recover access to all your other online accounts securely.

At the Enigma Conference in Oakland, California on Monday, Facebook launched an account recovery feature for other websites called Delegated Recovery — a protocol that helps applications delegate account recovery permissions to third-party accounts controlled by the same user.

Starting today, Delegated Recovery is available to GitHub users for account recovery, allowing them to set up encrypted recovery tokens for their Github accounts in advance and save it with their Facebook accounts.

So in case they ever lose access to their Github account, they can re-authenticate to Facebook and request the stored token be sent from their Facebook account back to Github with a time-stamped signature, proving their identities and securely regaining access to their accounts.

READ  Pay Attention! New Android Malware inflamed 2 Million Google Play Store customers

This whole process takes place over encrypted HTTPS Web links and completes within a few seconds.

Since the stored token is encrypted, even Facebook can not read the personal data stored in that token.

The social network giant also assured that except its assertion that the person recovering the GitHub account is the same who saved the token, the company doesn’t share any personal information about the user with GitHub.

According to the social networking giant, the Delegated Recovery service will be especially helpful for online users who have lost their smartphones, physical tokens or keys used as a second factor of authentication.

“We also want to offer the ability for people to use other accounts, such as a GitHub account, to help you recover your access to Facebook.”


 said Brad Hill, Security Engineer at Facebook, Facebook has published the protocol behind the feature and the technical specifications on its GitHub page. You can also read more information about the feature on Facebook’s official pst.Since no system is hacker-proof, Facebook has invited hackers and security community for reporting bugs, submit suggestions, and feedback.

Delegated Recovery is part of Facebook’s bug bounty program, allowing security researchers and bug hunters to test and find out security vulnerabilities in it.

This tool is being released as open-source that would allow other third-party sites to implement it, but for now, the service is available only for GitHub.


You May Also Like


Pinterest іѕ thе latest social network tо tаkе thе world bу storm. While social networking skeptics call іt wіll јuѕt аnоthеr site іѕ thе...


A TikTok video has gone viral showing a Virgin Australia passenger getting into a confrontation with the plane’s pilot, even grabbing the pilot’s shirt...


Popular TikTok content creator Waffler, who has more than 2 million followers on the short form video app, has reportedly passed away at the...


We will be talking about how to make money from your blog traffic with this simple tool “”, you can actually make money when...