Jan. 26, 2011 at 1:40 PM ET
If you've spent any time on Facebook today, no doubt you've seen more than a few of your Facebook friends describing the hoops they had to jump through just to log on — that is, if you've managed to log on yourself. If you haven't yet tried, be prepared to correctly identify a series of photos from the accounts of random friends to prove you are who you say you are.
It's all part of Facebook's "Data Privacy Day" celebration, a poorly promoted — yet totally real — "international celebration to raise awareness and generate discussion about information privacy." It's so real, both the U.S. Senate and House of Representatives recognized Jan. 28 as Data Privacy Day in 2009.
That Facebook CEO Mark Zuckerberg's Facebook fan page was hacked on Data Privacy Day Eve (the most magical night on the Internet!) is mere coincidence. Or conspiracy. It certainly sets the stage for punny snarks regarding Facebook's ongoing and contentious conversation about privacy.
Meanwhile, in honor of this government-sanctioned … um… "holiday"… Facebook is rolling out a couple of security features officially launched today.
Social Authentication is the culprit in today's kerfuffle — and it's got a few bugs to work out.
According to Facebook's Data Privacy Day blog post, this feature kicks in if Facebook "detects activity on your account, like if you logged in from California in the morning and then from Australia a few hours later."
Rather than asking you to input some crazy captcha letters to prove you're human, you're asked to identify Facebook friends from a random assortment of photos accompanied by multiple-choice answers, because, "hackers halfway across the world might know your password, but they don't know who your friends are."
The problem here is, maybe you don't know your friends either — what they look like, anyway. Like me, lots of people have way more "friends" on Facebook than they ever did in real life. We may trade "Harry Potter" quotes on an hourly basis, but I'll be danged if I can identify most of them from a photo alone.
Thanks to multiple choice, I was able to guess my way through authentication when I encountered this feature a few months ago in a hotel lobby … and I ain't the brightest light on the Christmas tree. I'm thinking a hacker could guesstimate, too.
Even if you're not a friend hog, those friends you do have may not use photos of themselves in their profile pictures. So if you don't have your friends' dog, children or favorite cartoon character from childhood committed to memory, you could have problems. Facebook does give you a couple of shots to get it right.
Secured Connection is another new feature launched today — and it's got a few bugs you may encounter.
An optional feature available in the security section of your Facebook settings, Secured Connection offers an "HTTPS" encryption to protect your Internet activity and information from prying eyes. It's the same connection you'll see in the URL when you're banking or completing a purchase online. The Facebook blog suggests this security setting when you're using a public computer.
The Facebook blog also notes a few bugs that may or may not be connected with other issues users are currently complaining about. Secured Connections can slow down your Facebook pages as encrypted data takes longer to load, the blog points out. What's more, some Facebook features and many third-party applications are not supported in HTTPS.
Facebook users who have not chosen Secure Connection report a slow Facebook connection today, as well as missing several Facebook and third-party functions. It's not clear if these bugs are connected to the launch.
Here's some other known bugs Facebook is actively dealing with right now:
And in the grand spirit of Data Privacy Day, here's some current Facebook security information you should know:
One-time passwords: This feature is handy when you're logging into public computers in hotel lobbies, airports, etc., and you don't want to leave any trace of your regular password where some clever code monkey can find it. You request a password via your mobile device.
Remote log-out:If you're afraid you left yourself logged on to Facebook at a friend's house or mobile device, at work, etc., this feature allows you to log out from a second device.
Security prompts: When you you log on, you should get a prompt reminding you to keep your security information updated. Of course, you don't have to wait to receive a prompt to do this. What's more, you probably shouldn't.
Maybe you didn't get the day off for this very real, government-sanctioned holiday, but remember kids — hackers never take the day off.
More stories about the annoying way we live now: