Open sourcing our Delegated Account Recovery implementation

In February, we shipped the “Recover Accounts Elsewhere” feature to help people regain access to their accounts if they lose access to their two-factor device or token. It is an implementation of the Delegated Account Recovery specification published by Facebook.

GitHub will be open sourcing a Ruby library soon so that the complicated and dangerous code paths will be abstracted away and we will provide a Ruby reference implementation as a guide.

We’ve released a Ruby library: Darrrr (say it with your best Hollywood pirate accent). The library is not coupled with any frameworks and can be used for Rails and non-Rails applications alike. Along with the library, you’ll find a Sinatra application that demonstrates the entire flow.

Additionally, Facebook has released SDKs for Java and JavaScript, including demo applications. They’re also inviting developers to join a beta program for becoming an integrator. You can read more about Facebook’s release on their Protect the Graph page.

Providing open source implementations for common languages was always part of the plan to help ease adoption of the recovery protocol. We hope these libraries and sample implementations lead to more integrations!