Facecrooks security documents this 2 factor authentication approach
QUOTE: Phishing scams are widely popular on Facebook. Cyber criminals relentlessly pursue ways and means to obtain Facebook usernames and passwords. These compromised accounts often send out spam or scam messages virally across the platform. Scammers can also data mine these accounts and their network of friends. This information can be used for identity theft or other targeted attacks.
Login Approvals is a two-factor authentication feature employed by Facebook. It’s an added layer of security that requires a code to be entered to complete the login process if the device isn’t recognized by Facebook. To access this setting, click on the gear icon located in the top right hand corner and then click on the ‘Settings’ link. Next, click on the ‘Security’ link located in the left hand column. You can also be taken directly to this screen by clicking here: https://www.facebook.com/settings?tab=security
Now all you have to do is click the ‘Edit’ link under Login Approvals and set everything up. If you use the Facebook mobile application, then you can also enable ‘Code Generator’ on this screen. Instead of sending you a text message with the secret code, the mobile Facebook application will generate a code for you to use.