Two-factor authentication (2FA) is a method which adds an additional security layer to prevent anyone from misusing your account. One of the most popular ways of adding that extra security layer in addition to the login password is through your phone number. So for instance, if you are logging in to your Facebook (or any other site which has 2FA) account from a completely new location, Facebook to make sure it is indeed you who is logging in, will send you a code on your phone number to verify.
But, as with all things Facebook, this phone number that is meant expressly for 2FA, can also be used to look up your profile. And there is no opt-out option.
What it essentially means is that the phone number can be used to target you with ads. It has now emerged that anyone with or without a Facebook account, can look up your Facebook profile associated with your phone number. Facebook sets the default drop-down for “Who can look you up using the phone number you provided?” to Everyone.
Twitter user Jeremy Burge highlighted this issue in a tweet storm and also said that days after he submitted his number to Facebook for 2FA, an Instagram page he was the admin of, prompted him with a ‘is this your phone number’ message.
According to a report in TechCrunch, a Facebook spokesperson said that this was not a new setting and it applied to any phone number added to your profile. In essence, if you are giving your phone number for 2FA, you are giving Facebook permission to share your number with advertisers. If one does not want to be targeted by advertisers, then 2FA needs to be set up without using a phone number.
How to disable your profile from being looked up using your phone number?
As mentioned before, Facebook sets the phone number lookup setting to ‘Everyone’ by default.
To change it, head to your Facebook account > Settings > Privacy > How People Find and Contact You > Who can look you up using the phone number you provided?