A Gizmodo report on Wednesday detailed the latest in a long series of Facebook privacy blunders. The report said, and Facebook confirmed, that users with two-factor authentication (2FA) enabled had inadvertently been giving their phone number up to advertisers who used it for targeting purposes. The irony, which I’m assuming isn’t lost on Facebook, is that 2FA is meant to keep you safe online, not expose you.
Now that the cat’s out of the bag, there’s little we can do about Facebook’s mind-numbingly bad decision making as it pertains to user privacy. But what we can do is stop advertisers from targeting us by our phone numbers.
In the Facebook app, find the Settings & Privacy icon in the main screen’s hamburger menu. It’s on the bottom right of the screen for iOS users. From there, select Settings, and then Personal Information. On the next screen, you’ll see your email address, name, phone number, and other personal information. Click the phone number, and select Remove. Enter your password on the next page and then click Remove Phone.
You’ll get a confirmation email shortly after.
From Desktop, click the Settings link from the drop-down menu on the main page. Next, click Choose Your Facebook Information, and then View, under the Access Your Information heading. From the next screen, you’ll go to Personal Information, and then Your Contact Information. Here, you’ll see your phone number. Click Remove, and then Remove Phone when asked to confirm.
Look out for a confirmation email.
You may also want to remove your phone number from 2FA, if you’re using it. Text authentication is a subpar anyway. Stick to an authenticator app, like Authy or Google Authenticator, that doesn’t text your authentication code to you via SMS.
To remove 2FA, you’ll need to first disable it. On mobile, go to Settings > Security and Login > Two-Factor Authentication. Turn it off. When you re-enable it, use an authenticator app rather than your phone number.