We love 2FA (two-factor authentication) and want everyone to use it. But SMS-based 2FA is not the best choice, and now it's even worse on Facebook: once enabled, it lets people find you by your phone number.
Back in the day, someone could jump on Facebook and do a phone number search to find specific people. If you had your phone number in your Facebook account, you would show up in that search. But back in April last year, this feature was removed in an attempt to keep private data private (although it seems that searching for phone numbers still works in Messenger).
But now it has been discovered that if you use your phone number for SMS-based 2FA, Facebook uses it to help people find you. While the phone number search function is still disabled, you will appear as a potential connection if you are in the contacts on someone's phone and they upload that list. Gross.
Honestly, it's such junk. If the only reason you give Facebook your phone number is to increase the security of your account, and it in turn uses that number as more contact information, then that is a big problem, one that would not exist if Facebook was not so shady with your data. It's pretty disgusting.
To add insult to injury, you also cannot opt out of this. You can help limit it by going to Facebook Settings > Privacy and setting "Who can find you with the phone number you entered" to "Friends", which is the most private option available. It is a band-aid at best.
Otherwise, you have some choices: you can disable your Facebook account, which many people simply do not want to do; you can stop using 2FA, which we do not recommend at all; or you can use another form of 2FA. If you do not want to deactivate your account, the latter option is the absolute best. Keep in mind that the damage has probably already been done: your phone number is stored, and switching will not change that. However, moving to a better security method that does not involve your phone number is never a bad idea.
There are many authentication apps out there, but we are big fans of Authy. It uses the same kind of code-based system that you are used to with SMS-based authentication, but instead of getting a text message with your code, you simply open the Authy app and grab the code from there. We have an excellent guide to help you get started with Authy if this is the first time you use it.
RELATED: How to Set Up Authy for Two-Factor Authentication (and Sync Your Codes Between Devices)
To get your Facebook account configured with Authy, jump into Facebook's settings, then Security and Login. (On mobile, you will find it under Settings and Privacy > Preferences.)
From there, scroll down to the Two-Factor Authentication section and click the Edit button in the "Use Two-Factor Authentication" section.
From there you can set up an authentication app (or even better, use a security key).
And that's it. Your account is even safer than before, and Facebook won't use your phone number for anything you don't want.