New Facebook service aims to make security questions a thing of the past.
Dan Goodin (US) - 31/1/2017
Facebook is unveiling a new service that remedies one of the biggest headaches facing online users today—the forgotten password.
Starting Tuesday, Facebook will offer a service that allows users who lose their GitHub login credentials to securely regain access to their accounts. The process takes only seconds and uses a handful of clicks over encrypted HTTPS Web links. To set it up, Facebook users create a GitHub recovery token in advance and save it with their Facebook account. In the event they lose their GitHub login credentials, they can reauthenticate to Facebook and request the token be sent to GitHub with a time-stamped signature. The token is encrypted so Facebook can't read any of the personal information it stores. After the request is sent, the GitHub account is restored. With the exception of Facebook's assertion that the person recovering the GitHub account is the same person who saved the token, Facebook and GitHub don't share any personal information about the user.
Full Article