Facebook now makes Two-Factor Authentication (2FA) easier to set up by allowing common third-party apps like Google Authenticator or Duo Security on both desktop and mobile.
2FA adds layer of security to your Facebook login by requiring you to provide a passcode or from “something that you have” (which is the 2FA generated codes) on top of “something that you know” (which is your personal password).
Facebook used to implement a phone number as mandatory means of 2FA
To get started, download the third-party authenticator app on your desktop or mobile. I recommend “Google Authenticator”. This is the app that will generate the additional code that Facebook will require you to input as secondary to your account password.
To enable your Facebook 2FA, visit facebook.com/settings and click the “Security and Login” tab.
Click “Get Started”.
Choose “Authentication App” as your security method. (you may also choose to opt for a “text message” as another way of 2FA. In which a code will be sent to you via SMs instead of using an app to generate a time-based code for you)
If you choose “Authentication App” as your security method, a QR code will be generated for you to enroll to your app. Open your “Google Authenticator” app and tap “+” to add and scan a new barcode. Scan the barcode using your camera and once enrolled, an entry on the app will show up generating a code you will need to login. A new code is generated every 60 seconds.
I recommend to save a back up copy of the QR code and make sure to secure it so no one else can access it. So you can re enroll anytime in any event that you lose access to your phone or your 2FA codes.