
The Story
Most of you log into House Sitting Australia using Facebook. It’s convenient, familiar, and that’s where our community has been for years.
When you sign in with Facebook, we receive a simple confirmation that you successfully logged into your Facebook account. That’s it.
We don’t see whether your Facebook account has strong security, whether two-factor authentication is turned on, or whether someone else might have access to it.
For a long time, this was just how things worked. But following some important discussions during our recent development work, we realised we needed to take more responsibility for protecting accounts — especially for those logging in with Facebook.
We wanted to make sure that using the most common login method didn’t leave anyone more exposed than necessary.
The Problem:
Here’s the honest situation:
When you log in with Facebook, your HSA account is only as secure as your Facebook account.
Unfortunately, Facebook accounts often have weaker protection than many people realise:
- A relatively low number of users have strong two-factor authentication enabled
- Phishing attacks targeting Facebook users are very common
- Many people use the same password across multiple sites
- Account recovery can sometimes be bypassed if a phone number or email is compromised
In house sitting, the stakes are real. If an account is taken over, someone could potentially:
- Read your conversations
- Accept or cancel sits
- Access addresses and personal contact details
We don’t want to scare anyone. But we also don’t want to ignore the reality.
This is especially relevant because the majority of our users log in with Facebook. We had to ask ourselves: Are we doing enough to protect people who use the most common login method?
The answer was: not yet.
The Solution:
We can’t control how secure Facebook makes its platform. So we chose to add our own thoughtful layer of protection on top — one that supports our community rather than getting in the way.
What we’ve built for you
We introduced email step-up authentication for important actions, starting with accepting sit applications.
Here’s how it works in practice:
- You log in with Facebook as usual.
- When you go to accept an application, we check whether we recognise your device.
- If we don’t, we send a simple 6-digit code to your email.
- You enter the code and continue.
- You can tick “Trust this device for 30 days” so you don’t have to enter codes repeatedly on that device.
This gives us an independent way to confirm it’s really you — separate from Facebook.
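For readers curious about the mechanics, here is a sketch of the flow above, added as an illustration and not House Sitting Australia's actual code. The 10-minute code lifetime, the 5-attempt limit and every name in it (`StepUp`, `may_accept_application`, `SERVER_KEY`) are assumptions; only the 6-digit code and the 30-day trust window come from this post.

```python
import hashlib, hmac, secrets, time

CODE_TTL = 10 * 60           # assumption: a code is valid for 10 minutes
MAX_ATTEMPTS = 5             # assumption: wrong guesses allowed per code
TRUST_TTL = 30 * 24 * 3600   # "Trust this device for 30 days" (from the post)
SERVER_KEY = secrets.token_bytes(32)  # constructed; a real service loads a stored secret

def _mac(value):
    # Keyed hash: a leaked store alone does not reveal codes or device tokens.
    return hmac.new(SERVER_KEY, value.encode(), hashlib.sha256).hexdigest()

class StepUp:
    """In-memory sketch; a real service would keep this state in a database."""
    def __init__(self, now=time.time):
        self.now = now
        self.pending = {}   # user_id -> [code_mac, expires_at, attempts_left]
        self.trusted = {}   # mac(device_token) -> (user_id, expires_at)

    def is_trusted(self, user_id, device_token):
        entry = self.trusted.get(_mac(device_token or ""))
        return bool(entry) and entry[0] == user_id and entry[1] > self.now()

    def start(self, user_id):
        """Issue a fresh 6-digit code; the caller emails it to the address on file."""
        code = f"{secrets.randbelow(10**6):06d}"   # CSPRNG, keeps leading zeros
        self.pending[user_id] = [_mac(code), self.now() + CODE_TTL, MAX_ATTEMPTS]
        return code

    def verify(self, user_id, code, trust_device=False):
        """Return (ok, device_token). Codes are single-use, expiring, attempt-limited."""
        entry = self.pending.get(user_id)
        if not entry or entry[1] <= self.now():
            self.pending.pop(user_id, None)
            return False, None
        entry[2] -= 1
        ok = hmac.compare_digest(entry[0], _mac(code))
        if ok or entry[2] <= 0:
            del self.pending[user_id]           # burn on success or exhaustion
        if not ok:
            return False, None
        token = None
        if trust_device:
            token = secrets.token_urlsafe(32)   # sent back as a Secure, HttpOnly cookie
            self.trusted[_mac(token)] = (user_id, self.now() + TRUST_TTL)
        return True, token

    def may_accept_application(self, user_id, device_token):
        """Gate for the sensitive action: unrecognised devices must pass verify() first."""
        return self.is_trusted(user_id, device_token)
```

The trusted-device token is bound to one user and expires on the server, so a copied cookie stops working after 30 days and never unlocks a different account.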
Extra peace of mind we added
- Login alerts — We’ll email you if someone signs into your account from a new device or location.
- Trusted devices — Once verified, your usual devices are remembered for 30 days.
- We’ll continue expanding protection to other important actions over time.
These features are designed to work quietly in the background. They only appear when something meaningful is about to happen, so normal use stays simple and smooth.
What you can do to stay even safer
While we’ve improved things on our end, here are the most effective steps you can take:
- Turn on 2FA on your Facebook account (an authenticator app is better than SMS)
- Consider logging in with Google instead of Facebook — it generally offers stronger built-in protection
- Regularly check your logged-in devices and recovery options on Facebook
- Use a password manager to avoid reusing passwords
Even with our new features, using a more secure login method, combined with the protections we’ve added, gives you the strongest position.
Our Commitment to You
We support Facebook login because that’s where most of our community is. At the same time, we’re committed to making sure convenience doesn’t come at the cost of safety.
By adding these extra checks, we’re giving Facebook users real, practical protection without making daily use harder.
This is part of our ongoing work to look after the people who trust us with their homes and sits. We’ll keep improving account security over time, including adding authenticator app support in the future.
Thank you for being part of this community. We take the responsibility of protecting your account seriously.
