It was recently reported that Facebook was spamming users who had registered their mobile number with the two-factor authentication feature. Multiple users reportedly received text alerts without even opting in for the service and were bombarded with pesky notifications. Any responses to these text messages were posted on the user’s wall on Facebook.
Facebook has now come up with an explanation to pacify the users, revealing that a bug caused the security measure to send ‘non-security-related’ messages to the registered phone numbers.
Facebook’s Chief Security Officer, Alex Stamos has revealed that a bug was responsible for the notifications sent to users who had registered for the security feature. “It was not our intention to send non-security-related SMS notifications to these phone numbers, and I am sorry for any inconvenience these messages might have caused. We are working to ensure that people who sign up for two-factor authentication won’t receive non-security-related notifications from us unless they specifically choose to receive them”, he wrote in a post.
A fix for the spam notification issue is expected to arrive soon, however, a definite release timeline for the solution’s rollout has not been revealed.
Another issue created by the glitch was that users’ replies to the spam texts were automatically posted on their Facebook wall, or in the form of comments on a friend’s post. The Facebook executive revealed that this was not a glitch, instead, it’s an old feature which lets users post something on their Facebook wall via a text message. But now that the functionality has become ‘less useful these days’, the company is working on ‘depreciating’ the feature soon.
From the tone of the security chief’s post, two things are clearly evident. First, the two-factor authentication feature is here to stay. And second, Facebook never intended to send non-relevant notifications to users, something which was mentioned twice in the relatively short post for an added dash of emphasis.