Mobile apps not supported yet, but mobile web now works with NFC-enabled keys.

Facebook has announced that it's rolling out support for USB security keys as part of its two-factor authentication for accounts. USB keys can provide another way to prove who you are — in addition to your password — when logging into Facebook or other online services. Facebook's announcement backs up the support for SMS and app-based authentication, where you need to enter a number that's sent to you.

Facebook auth

Facebook can use USB keys based on the Universal 2nd Factor (U2F) standard (with a supported browser), and you'll find the new option in the "Security" section of the Facebook Settings page.

A few caveats apply at this early stage — you can only add a key from the desktop website right now, and Facebook's apps don't yet support USB keys. However, the mobile site does apparently support newer keys equipped with NFC, assuming you're using an NFC-equipped Android phone. So there are a few hoops to jump through, but still, it's great that a major service provider is giving users more options when it comes to two-factor security.