RB - I don't do Facebook, but I've seen some "policies" that say you must provide a "real name" and email address to create a log-in. They do, I believe, make a pretext of verifying an identity, so if the name is already registered with them it creates at least a possibility that Facebook would be suspicious of an attempt to create a new phony site for the same person.

Of course having a real Facebook page provides something for anyone with malicious intent to hack, deface, modify, or just observe, with all of the same results as creating a fake one. Since it has been shown that a majority (slightly over 50%?) of persons with "executive authority" use the passwords "12345" or "54321" or "password" finding the passwords to get full access to at least some of the new accounts is likely to be almost trivial.

Hence came my slightly sarcastic comment about "positive countermeasures."

John