Facebook has been constantly improving its security features to protect its users: it has added SSL, login notifications, recent activity logs, etc. Recently it added a "two-factor authentication" mechanism to improve security further. It's an opt-in feature which, when enabled, asks for a password sent to the registered mobile number when you try to log in from a new computer. To enable this feature, go to Facebook Account Settings -> Account Security and enable Login Approvals.
You can read the official blog post about Login Approvals here. For Login Approvals to work, you need to provide your mobile number and make sure that you don't lose your mobile. Whenever a login attempt happens from an unknown computer (a system where you have never used Facebook before), an SMS will be sent to your mobile number with an authorization code, which is needed to log in.
If you ever lose your mobile phone, you can change your number and/or disable Login Approvals from a system already recognized by Facebook.
If somebody gets hold of your password somehow and tries to log in to your account, you will get an SMS with an authorization code as well as a FB notification.
In cases where the login is not yours, you can reject that login and change your account password. Facebook also seems to provide the location of the login attempt (probably based on the IP address).