Facebook is letting users tie a physical security key to their account as an added layer of security.
Hackers infiltrated the European social network VK.com at some point over the last several years and made off with credentials for 100 million of its users.
In order to achieve this goal Facebook just announced in a blog post that is now offering you the ability to encrypt e-mails via OpenPGP, an email encryption system.
“To enhance the privacy of this email content, today we are gradually rolling out an experimental new feature that enables people to add OpenPGP public keys to their profile; these keys can be used to “end-to-end” encrypt notification emails sent from Facebook to your preferred email accounts. People may also choose to share OpenPGP keys from their profile, with or without enabling encrypted notifications”, says Facebook
So basically the social network will allow you to give it your public key so that mails you might receive from Facebook (for example password resets) will be encrypted. You can also enable encrypted notifications: Facebook will then sign outbound messages using your key so that you can be sure the emails are genuine.
The encryption system Facebook is using is OpenPGP where the PGP stands for “Pretty Good Privacy”. It’s one of the most popular standards when it comes to protecting email and should really serve its purpose well. Read this article if you want to find out more about Public Key Cryptography and PGP – it really will make the whole technique easier to understand.