From there, Facebook will walk users through password security options and show the computers logged into different Facebook services.

If anything's fishy, it should be obvious from there. Those tools were already available to Facebook users, but thanks to Security Check-up, they'll be a lot harder to miss.

Once you have logged in on a phone, that login will usually stick around until you actively turn it off. It particularly poses problem if that phone ends up lost, stolen, or just re-sold.

Login alerts send you an email any time there's a new login, while device management can show you every device that's accessed your account.

But we tend to avoid these security checks. Check-up forces itself into view, encouraging the users to grapple with options they probably didn't know existed.