Skip to content

Frank Goossens' blog

  • Web-Tech blogposts
  • Other blogposts
  • WordPress & plugins
    • WP YouTube Lyte
    • Autoptimize
    • WP DoNotTrack
    • Do Not Donate!
  • about
    • Timemachine
    • Contact

account locked

Does Facebook want its chat back?

May 19, 2013 by futtta

thunderbird facebook not authorizedI’m pretty pissed. A couple of months ago I configured Thunderbird to connect to Facebook’s XMPP-powered chat. I did get logged out sometimes, with mails from Facebook saying someone tried to access my account from an unknown location. Given the origin IP-address mentioned (in the private 10.x.x.x-range), this looked like a Facebook-internal problem (between their XMPP & Authentication servers).
Things have however taken a turn for the worse now; I’m not only getting logged out from Facebook on my 3 devices (work Win XP PC, home Ubuntu netbook & Android smartphone), I’m now even getting locked out of my account altogether, having to change my password on my smartphone (as that one has the OTP generator in the Facebook app). This happened 4 times in the last week and it is that frustrating that I disabled Facebook Chat in Thunderbird. And maybe that’s just what Facebook is aiming for; encouraging users to use Facebook Chat in a Facebook-owned/ -controlled context instead of in a neutral, ad-free 3rd party application? Wankers!

Categories lang:en, rants & raves, Technology Tags account locked, facebook, wankers, xmpp 5 Comments

Now you can have my Facebook password as well!

November 15, 2012 by futtta

It’s been almost a year since I volunteered to give my readers my Google password, after enabling 2-step verification that is. I ended the blogpost on that topic with

And now off to Facebook security settings, to enable login notifications & approvals.

And although I did activate “login notifications” at that point, I did not enable approvals (for reasons I don’t remember, maybe I was just being lazy).
Fast-forward to yesterday evening, when I received a mail from Facebook that stated that my account was temporarily locked because my is was logged into from a location I had never used before. I immediately changed my password and finally enabled “login approvals” this morning as well. “Approvals” sends a security code via SMS when logging in from an unknown location, which you’ll have to enter before effectively logging in. I was pleasantly surprised to see Facebook added a Google Authenticator-like code generator to their Android and iOS apps that you can use to generate a security code as well. Adding the extra security of login approval is easy enough. If you’re on Facebook or Google, you really should consider enabling those (with or without their respective smartphone-based security code generators).
One downside though; using an external chat client (Mozilla Thunderbird in my case) to access Facebook Chat over XMPP doesn’t work any more as Facebook doesn’t provide “application specific passwords” like Google does. Update: as Jensen points out in the comments below Facebook does have application passwords, so I reenabled Facebook Chat in Thunderbird. But that might be a good thing anyway, as the warning mail I received from Facebook seems to refer to the use of Facebook chat over XMPP;

It looks like someone logged into “Rtgw_xmpp_username_password_login” on Wednesday, November 14, 2012 at 9:04pm.

Not 100% sure if this was a real login attempt or a false positive, but apparently I’m not the first one to receive such a warning.

Categories android, lang:en, security, Technology Tags 2-step, account locked, code generator, facebook, facebook chat, google authenticator, login approval, Rtgw_xmpp_username_password_login, two-factor authentication, xmpp 11 Comments

I am a "Web Performance and Architecture Consultant" from Belgium, working on Web and Mobile Architecture by day and WordPress and web performance by night (more info here).

  • subscribe to my web-tech blogfeed
  • abonneer op niet-technische artikels
  • @optimatters on Twitter
  • @futtta on mastodon
This is an ad-free blog!

You said, she said

  1. Max Janson on Autoptimize testimonial from Wolf Braun
  2. Chris on Contact Form 7 alternatives
  3. sachsongngu on WP YouTube Lyte featured on WP Glob
  4. lee on Hide-my-WordPress & Autoptimize compatibility glue
  5. futtta on Hide-my-WordPress & Autoptimize compatibility glue

Recent Blogposts

  • Adding PHP 8.2 in travis tests
  • Mastodon oEmbed requests overload; use WP Rest Cache
  • Twitterless Twaddle revisited
  • Autoptimize Pro released, secret discount code here ;-)
  • Autoptimize Pro is coming, 10 beta-testers needed!
© 2023 Frank Goossens' blog • Built with GeneratePress