Facebook has added two new security features. They don't do anything more to keep users' personal information safe, but they do make it harder for scammers to exploit any information they get hold of.
One allows users to approve the devices they usually use to log in, and notifies them via email or text when it's accessed from elsewhere.
"For example, you can save your home computer, your school or work computer, and your mobile phone," says software engineer Lev Popov.
"Once you've done this, whenever someone logs in to your account from a device not on this list, we'll ask the person to name the device."
There's also a new system designed to block suspicious logins before they happen by asking a security question when a new device is detected.
"You won't go through this flow often. We'll only ask you to prove your identity on the rare occasion that we notice something different," promises Popov.
"If you're ever asked to go through this flow, that's just Facebook's site integrity team saying 'Hi', and that we're here to help you protect your account."
And the EU's Article 29 Working Party, which handles data protection, yesterday warned the company in a letter that it was unhappy with its practices. It was 'unacceptable', it said, that Facebook had fundamentally changed its default settings to the detriment of users.