Facebook updated the feature that allows users to recover the hacked account with the help of three Facebook friends. In the past, Facebook sent secret code to 3 facebook friends you choose. Using those secret codes, you can retrieve your account.
But this feature was abused by BlackHat hackers to compromise the victim's account by becoming friend from three different profiles.
To overcome this problem, Facebook introduced a new feature called "Trusted Contacts" that allows users to select 3 to 5 friends to receive the secret code to recover your account.
"It's sort of similar to giving a house key to your friends when you go on vacation--pick the friends you most trust in case you need their help." Facebook security update reads.
Simple steps to add trusted contacts to your account:
- Go to your Security Settings
- Click on the Trusted Contacts section
- Click Choose Trusted Contacts
- Choose 3-5 friends and confirm your choices
However, there are few risks in using this feature. If friends decided to have fun with you, they are able to access your facebook account.
I don't know why Facebook is not providing the two-step authentication like Google Does.