ytdl-org / youtube-dl

Command-line program to download videos from YouTube.com and other video sites
http://ytdl-org.github.io/youtube-dl/
The Unlicense

Facebook locks my account (requiring that I change my password) after I download a Facebook video #18978

Open rsfinlayson opened 5 years ago

rsfinlayson commented 5 years ago

Please follow the guide below


Make sure you are using the latest version: run youtube-dl --version and ensure your version is 2019.01.24. If it's not, read this FAQ entry and update. Issues with outdated version will be rejected.

Description of your issue, suggested solution and other information

Downloading videos from Facebook (with --username --password ) works OK, but soon afterwards, Facebook locks my account, saying: "We’ve detected suspicious activity on your Facebook account and have temporarily locked it as a security precaution. It’s likely that your account was compromised as a result of entering your password on a website designed to look like Facebook."

This requires me to change my Facebook password each time this happens.

It appears that Facebook is somehow detecting youtube-dl downloads, and flagging them as 'suspicious'.

ealgase commented 5 years ago

Facebook has complex phishing protection and it won't be easy to work around this. I'd recommend using --cookies with an export of your Facebook cookies.

mandree commented 5 years ago

Would it work to use "App passwords" or whatever the English version of facebook calls it?

Apparently I cannot login with an App password through youtube_dl if I create one (using Git version 25b83c2a0e29c75372f0ce26d2b4ecf493e8b28c on Fedora 30), I only get (note the URL is made up):

[debug] System config: []
[debug] User config: []
[debug] Custom config: []
[debug] Command-line args: [u'--no-call-home', u'--cookies', u'cookie_jar.txt', u'--username', u'PRIVATE', u'--password', u'PRIVATE', u'--verbose', u'https://www.facebook.com/some.friend/videos/1237891234567890/']
[debug] Encodings: locale UTF-8, fs UTF-8, out UTF-8, pref UTF-8
[debug] youtube-dl version 2019.05.20
[debug] Python version 2.7.16 (CPython) - Linux-5.0.16-300.fc30.x86_64-x86_64-with-fedora-30-Thirty
[debug] exe versions: ffmpeg 4.1.3, ffprobe 4.1.3
[debug] Proxy map: {}
[facebook] Downloading login page
[facebook] Logging in
WARNING: unable to log in: bad username/password, or exceeded login rate limit (~3/min). Check credentials or wait.
[facebook] 1237891234567890: Downloading webpage
[facebook] 1237891234567890: Downloading webpage

And since the video is "for friends only", no joy.

Pidgin (purple-facebookchat) can use app passwords... but seems I need to use the "real" facebook password for youtube_dl.

xznhj8129 commented 4 years ago

Locked out because of this and now it won't let me unlock it because "Sorry, this feature isn't available right now"

CrimsonGlory commented 4 years ago

Just happened the same to me when trying to download a video that required --username and --password params. The video downloaded fine. But 20 minutes later I got logged out from the browser. Now it asks for a password or social security ID scan. youtube-dl version: 2020.01.15

ghost commented 4 years ago

Exact same issue here, and to make matters worse, Facebook's system for unlocking an account locked this way is broken and you have to use other resolution methods.

affinityv commented 4 years ago

Are any of you using Facebook over Tor and the .onion address? That could be part of the problem. I think the cookie idea is probably the best way to deal with this problem AND to keep transport the same (proxy via socks5 Tor or not, but be consistent).

xznhj8129 commented 4 years ago

No, this was over a vpn.

ghost commented 4 years ago

I was connecting straight to Facebook. I'll try the cookie trick next time.

fargiolas commented 4 years ago

Same here, straight to facebook (no tor, no proxy, no vpn), always used cookies (it's a private video) downloaded with cookies.txt, tried both with the same cookie and with a new cookie every time after a fresh login. After a couple minutes it locks me out, asks to change password etc. And it goes on for days locking me out several times saying someone might have used my account.

Any idea?

taslitruba commented 4 years ago

Cookies used to be a good workaround. But they don't work anymore - after just one cookie use, Facebook locks me out right away. I think they found some way to detect youtube-dl, and we need to innovate to stay one step ahead.

TomArrow commented 3 years ago

Bump, have the same issue, with both username and password and with the cookies method. Though the cookies method seems to give more time before you get locked out.

N3WWN commented 3 years ago

I’ve run into this issue, also, over the last couple of weeks. I have to use my Facebook login credentials to download videos (I didn’t have to do this before, FB must have changed something) and then FB locks my account after successfully downloading the video. I’ll try the cookies suggestion next time to see if I have any luck with it...

AggelosM commented 3 years ago

I'm still getting locked out :(

ddelange commented 3 years ago

> soon afterwards, Facebook locks my account

> straight to facebook (no tor, no proxy, no vpn)

> after just one cookie use, Facebook locks me out right away

Just guessing here:

Without cookie, fb will probably detect headless login pretty easily (fake-useragent and such will probably not be enough to prevent this).

With cookie exported from your real browser, fb will probably detect headless login pretty easily (e.g. embedding browser signature in the cookie, and cross-referencing the use of that cookie server-side with some delay -> lock).

There are probably many more detection techniques they can employ...

One way to make it really hard for them, is by actually using a headful browser to get the page source:

I'm pretty sure that like this they will have no option but give you a fresh cookie and register this new 'device' as trusted.

Might not be a viable option for this lib due to their size (?), but just want to coin frameworks like playwright that can achieve this 'real user' like flow.
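
The cookie-to-client binding guessed at in the comment above, seen from the server's side. This is an added example, not part of the thread and not Facebook's actual mechanism, which this page does not describe. The key, header choice, cookie layout and function names are all assumptions made for illustration.

```python
import hashlib
import hmac

SERVER_KEY = b"constructed-demo-key"  # constructed secret, example only


def fingerprint(headers):
    """Hash the client traits the server chooses to bind a session to."""
    traits = "|".join(headers.get(h, "") for h in ("User-Agent", "Accept-Language"))
    return hashlib.sha256(traits.encode()).hexdigest()[:16]


def _mac(session_id, fp):
    msg = f"{session_id}.{fp}".encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()


def issue_cookie(session_id, headers):
    """Return 'session_id.fingerprint.mac' for the client that logged in."""
    fp = fingerprint(headers)
    return f"{session_id}.{fp}.{_mac(session_id, fp)}"


def check_request(cookie, headers):
    """Classify a request as 'ok', 'tampered' or 'client-mismatch'."""
    try:
        session_id, fp, mac = cookie.split(".")
    except ValueError:
        return "tampered"
    if not hmac.compare_digest(mac, _mac(session_id, fp)):
        return "tampered"
    if not hmac.compare_digest(fp, fingerprint(headers)):
        # Authentic cookie, but presented by a different client than it was issued to.
        return "client-mismatch"
    return "ok"


# Constructed sample requests (not captured traffic).
BROWSER = {"User-Agent": "Mozilla/5.0 (X11; Linux x86_64) ExampleBrowser/1.0",
           "Accept-Language": "en-US,en;q=0.9"}
SCRIPT = {"User-Agent": "python-script/0.1"}


def demo():
    cookie = issue_cookie("s123", BROWSER)
    return [check_request(cookie, BROWSER),        # same client
            check_request(cookie, SCRIPT),         # exported cookie, other client
            check_request(cookie + "0", BROWSER)]  # altered cookie
```

A server using a check like this could record the mismatch and act on it later rather than rejecting the request, which would be consistent with the delayed lock-outs reported in this thread.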

binyominzeev commented 3 years ago

Hi, just wanted to let you know that the procedure below works fine for me:

https://webapps.stackexchange.com/questions/58690/how-can-i-download-non-public-facebook-video/92332

Using the parameter "add-header", and add my cookies.

But the weird thing is that this is only if I use youtube-dl version 2021.03.03. With the most recent version (2021.04.07), however, I am still getting kicked out from Facebook! So seemingly something has been changed to its detriment, in between...

ghost commented 2 years ago

I also experienced this issue and I think I would be bothered to read this entire discussion, but I think I have the idea of it. I think I should stick with inspect element for now.