Facebook is rolling out options for advertisers to pay to “sponsor” comments people make about businesses, places or products at the world’s largest online social network.

A Sponsored Stories tool allows advertisers to take “word of mouth recommendations and promote them” to eye-catching notices on Facebook user pages, engineers at the firm said in an online video.

“It’s not a message saying you should buy this thing or you should come to this website,” an engineer said in the Facebook Marketing Solutions video. “It’s your friend saying ‘Look, I did this and I want to tell you about it.’”

Sponsored Stories are updates or location check-ins that Facebook members post to be seen by friends and are only shared with those in a person’s chosen circle of contacts at the online community.

Facebook also announced heightened privacy controls for members of the world’s largest online social network.

The security enhancements came on the heels of a hacker posting a bogus message on the public fan page of Facebook founder Mark Zuckerberg suggesting that the website pursue social good instead of business profit.

The release of improved tools for protecting the content of users’ profiles was tied to an international Data Privacy Day last week, according to Facebook.

“A key part of controlling information has always been protecting it from security threats like viruses, malware and hackers,” Facebook’s Jake Brill said in a blog post.

New security features being rolled out included the availability of one-time passwords that US Facebook members could use at shared computers in places such as cafes, airports or hotels where keystrokes might be saved on machines.

Sending a mobile phone text message reading “otp” to 32665 will result in a Facebook user getting a response containing a password that works only once and expires in 20 minutes.

The mobile phones must be registered in Facebook users’ accounts to get disposable passwords.

Facebook will also let members remotely check whether they are still logged onto the service at other computers and then sign-off from afar.

“In the unlikely event that someone accesses your account without your permission, you can also shut down the unauthorised login before resetting your password and taking other steps to secure your account and computer,” Mr Brill said.

Facebook said a software “bug” let a hacker impersonate chief executive Mark Zuckerberg in a comment posted to his public fan page at the website. The bogus update suggested that Facebook turn to its users instead of banks for money and got “liked” by more than 1,800 members of the social network before it was erased.

Sign up to our free newsletters

Get the best updates straight to your inbox:
Please select at least one mailing list.

You can unsubscribe at any time by clicking the link in the footer of our emails. We use Mailchimp as our marketing platform. By subscribing, you acknowledge that your information will be transferred to Mailchimp for processing.