How To Use PGP Key on Facebook Account for Security

Facebook has added a new feature in midst of their desert of insecurity. Here is How To Use PGP Key on Facebook Account for Security. Worst possible security can be found on Facebook with zero official support. It is actually not abnormal to get an account hacked or fully spammed by a Third Party Application. Suppose you want to reset the email in that bad situation, there is no warranty that the Third Party Application who is spamming will send you a spoofed email faking as official email. These is where this feature is helpful. Facebook has HSTS domain but they do not force the users to use HTTPS.

How To Use PGP Key on Facebook Account for Security : Needed Stuffs

We talked about GPG before. We also talked about GPG’s role in maintaining the trust of security. GPG is free. GnuPG is a complete and free implementation of the OpenPGP standard as defined by RFC4880. So you need to install the client for OS X or GNU/Linux Desktop or Microsoft Windows.

Secondly, activate the HTTPS feature on Facebook. We have an old guide on Facebook Security and needed settings for better security.

Facebook is one of the Agent of NSA, it is the worst and frankly blacklisted by Richard Stallman. Be careful about all the steps.

How To Use PGP Key on Facebook Account for Security

We are showing the method using OS X GnuPG Client. You need to go to this section on Facebook while logged in :

Copy paste the above URL on your text Editor and open it on browser. Just above the BASIC INFORMATION options, there will be the BASIC INFORMATION, there will be PGP Public Key option. You can click to Edit it.

Now open GnuPG Client. Create a New Key with 4096 length, with less longer expiration time, add a hard password and use the email which is used for Facebook. After generation of the Key, export it to desktop. Open that Public file with any GUI text editor and copy the whole thing. Paste on Facebook’s PGP Public Key option field. Save it. Facebook will send you an automated email for verification. You can not open it without the password. After verification, the encryption will work for communications.