Facebook, the biggest online platform with billions of users, has been caught up in data breach scandals since last year. Now a new issue has arisen, one the company claims is a petty one but says it is sorry about.
Time to Change Your Passwords! Facebook Accidentally Stored Passwords as Plain Text
In a recent post in Facebook News Room (Facebook's blog), Pedro Canahuati, VP of Engineering, Security and Privacy, revealed that the company accidentally stored the passwords of most of its Facebook and Instagram users in plain text rather than encoded.
This came to light during a regular security checkup in January, which found a bug that stored readable passwords in the company's internal database, giving internal employees a chance to read them.
He added that no one has accessed or abused the password database and that the mistake was rectified immediately.
Furthermore, the company has sent emails to hundreds of thousands of its users whose passwords may have been in the list.
Facebook hashes every user's password with a function called "scrypt" whenever the password is created or changed. This is a form of cryptographic masking: what gets stored is a string that is meaningless to hackers if the database is compromised.
Being Secure
If you really care about your Facebook account, we suggest enabling Two Factor Authentication (2FA) or a text message login (OTP).
Of these, 2FA could be the better option, as it doesn't require your phone number the way OTP login does.
Go to Settings – Security and Login – Use Two Factor Authentication.
You will be shown a QR code along with an alphanumeric key. Scan the code or enter the key in a 2FA app such as Google Authenticator, and back it up.
You will stay logged in most of the time on your phone/PC, but whenever you want to log in afresh, you will need the code shown in your authenticator app.