Update: My mom got her Facebook account back. Shortly after tweeting this article at the @fbsecurity account, Facebook security personnel reached out to me and, after an investigation of the account and some back-and-forth, reset the account (and we immediately set up 2FA).
I am relieved, and overjoyed that my mom's memories and pandemic social life have been restored to her – but I'm still frustrated at the lengths it took to restore her account. Most people don't have this platform to make a plea to Facebook nor have their tweets noticed by Facebook personnel; indeed, multiple people replied on Twitter or emailed me to express that they, too, were failed by Facebook's internal account recovery tools and feel abandoned by a platform they've spent years on.
I asked the Facebook security contact who helped me what these people should do, and reached out to Facebook's press account – neither responded with a helpful answer. Should they just tweet at @fbsecurity in hopes that someone will take an interest in their plight? I wish I had a real answer. If I get one, I'll post it here.
In the meantime, I'll leave the article below as a warning: help your parents and loved ones set up 2FA before their online lives are lost.
In the middle of June, someone stole my mom’s Facebook account. She asked me for help, and with so many other fires to put out – gadgets to review, articles to write, dinner to make, pets to take care of, a bachelor party to plan – it fell by the wayside. But now that Facebook has radically limited its account recovery process, there’s no way to get it back. A decade of my mom’s digital life is gone.
Like a bit under three billion people around the world, my mom has stored some of her life on Facebook – mostly in photos of vacations and milestones, but also in the web of people she’s kept up with over the years on the most popular social network on the planet. It’s her only link with many of these folks, and in an ordinary year, losing these connections would be devastating.
But it’s been far from an ordinary year: like others in their 60s, my mom has kept at home, and Facebook has been her only lifeline to the outside world. The pandemic has ripped away our social lives, and we’ve turned to online alternatives – but for many older individuals, Facebook is the only place to go. And as things tenuously start to open up, her network of associations and groups is all on Facebook, planning without her.
She didn’t have 2-factor authorization on her account – she struggles to remember her passwords as it is. She could have clicked the email alert notifying her that her Facebook account’s password had changed – but she didn’t, figuring it was a phishing scam. We’ve been trained to watch out for unofficial messages so well that we can barely tell when it’s the real thing.
And thanks to the way Facebook has set up password recovery, with no customer service contact to reach out to – no human being to reason with, no authority to make our case – all those memories and networks are gone.
Facebook: account recovery if you’re still in the account
If you search ‘Facebook account recovery’ on Google, you’ll find half a dozen methods, because Facebook has changed their process so many times over the years. It makes sense – as the social network got bigger and instituted more complex security methods, scammers got more sophisticated in their ways to steal accounts.
That’s why you’ll see online (and perhaps remember) some methods to recover your account, like having your friends report it was hacked. Some recourse, some method. But now, if someone else got into your account and changed the password and recovery email, you’re done. The account is gone. Because, for all that Facebook calls it a ‘Help Center,’ it only offers one route to reset the password: send it to the email address on file.
Y’know, the one changed to the hacker’s email address.
There was a brief window to contest the password change: if we’d clicked on the possibly-phishing email, there’s a now-expired link to tell Facebook that this was a hack. But there’s nobody to make our case to, now. The hacker has the last decade of my mom’s digital life. And access to all the accounts she signed up with using Facebook – y’know, like Facebook encourages.
Two-factor your parents’ digital lives. Now.
Former baseball pitcher Vernon Law might have said it best: “Experience is a hard teacher because she gives the test first, the lesson afterwards.” While the lesson here is obviously to add 2-factor authentication to everything, it’s also that you need to do this for your parents and grandparents, too. We’ve entered an age where their digital lives – not just financial but social – need to be safeguarded.
Most of them probably won’t make the jump to the next Facebook, if there is one. Their friends are on one social network, and so is their digital history. They’ve settled in. They’re (digitally) home.
Like any human being on the planet, they won’t want to go through even more hassle to get into their accounts. Tough. Download a free Authenticator mobile app (Google Authenticator, Microsoft Authenticator, or Authy) and load Facebook into it or set up a security key. Make them open their phone to authenticate every time they want to idly scroll their timeline and comment on posts. Have them change their password at the first whiff of strange activity.
Because if you don’t, and a hacker locks them out, you won’t have much recourse beyond tweeting desperately at any Facebook-related account. Or writing a blog pleading for Facebook to listen.
So that’s it, Facebook – I’m begging you to reach out to me on Twitter or over email [david(dot)firstname.lastname@example.org] to get my mom’s Facebook back. I promise I’ll turn 2-factor authorization on the second she’s in.
- Stay on top of tech news with the TechRadar newsletter
Sign up for Black Friday email alerts!
Get the hottest deals available in your inbox plus news, reviews, opinion, analysis and more from the TechRadar team.
David is now a mobile reporter at Cnet. Formerly Mobile Editor, US for TechRadar, he covered phones, tablets, and wearables. He still thinks the iPhone 4 is the best-looking smartphone ever made. He's most interested in technology, gaming and culture – and where they overlap and change our lives. His current beat explores how our on-the-go existence is affected by new gadgets, carrier coverage expansions, and corporate strategy shifts.