Source: https://www.engadget.com/2017/01/26/facebook-two-factor-usb-security-keys/
None of us want strangers accessing our accounts online. You might use a password manager, or two-factor authentication via SMS, but there's another way you can stay protected -- physical security keys. Following Google, Dropbox and others, Facebook has added support for these privacy-centric dongles today. When you log into your account, that means you can choose to prove your identity with a special USB stick, rather than a code sent to your phone. Yes, it's another object to keep on your keychain, but in return you'll be getting a superior level of protection.
Physical keys are supposed to be more effective than mobile apps and SMS verification, because there's no chance of phishing or man-in-the-middle attacks. They're also potentially faster -- just a tap on the physical key and you should have access to your Facebook account. It's a welcome move from the company, which is also announcing a redesigned Privacy Basics page today. Neither service is mandatory, but it's good to know they exist for Facebook's more privacy conscious users. Cyberattacks and identity theft are on the rise -- it's never a bad time to strengthen your defences.
Source: Facebook