Last year Facebook has launched a security feature called Login Approvals or two-factor authentication. In this authentication process facebook uses users mobile to authenticate the user, When user will logging into his Facebook account from a new device, a code will be sent to his phone which he will have to enter before he is granted access to his Facebook Account. This security bug is discovered by a secutiy researcher Christopher Lowson.
When you open your Facebook account from a new device facebook will take you to a verification process where you have to submit the security code which is sent to your activated mobile device. When you click the option “I can’t get my code” .
and After clicking this you got asked “Log in without entering codes from now on?” by Facebook. Finally you are able to login without verification Codes and 2 step authentication Security feature Turned off and Bypassed simply by options.
A very less percentage of facebook users are aware about this feature which is actually implemented last year and still have such bugs. facebook should fix this security bug.