AlternativeTo Logo
Facebook stored over 600 million passwords as plaintext that 20,000 employees could see

Facebook stored over 600 million passwords as plaintext that 20,000 employees could see

almost 4 years ago by IanDorfman

Going back as far as 2012, a total of 20,000 Facebook employees had access to archives of between 200 million and 600 million Facebook users' passwords stored in plaintext.

Initially shared by security researcher Brian Krebs and then posted about on the official Facebook Newsroom by Facebook Vice President Engineering, Security, and Privacy Pedro Canahuati, Facebook will be notifying "hundreds of millions of Facebook Lite users, tens of millions of other Facebook users, and tens of thousands of Instagram users" about their account passwords being a part of this oversight.

Canahuati goes on to state that Facebook takes proper measures to stay "in line with security best practices," such as hashing and salting user passwords, so users can be verified by the social network's login servers that they're using the right password without the need to store the password as easily readable plaintext.

Canahuati concludes by recommending users change the password they use for Facebook and Instagram, use different and complex passwords across all online services, and consider utilizing both two-factor authentication and a password manager to further protect their accounts.

Further coverage: Facebook Newsroom Krebs on Security Engadget Motherboard TechCrunch The Verge VentureBeat

almost 4 years ago by IanDorfman

Facebook iconFacebook
  973
  • FreeProprietary
  • Windows
  • Online
  • Android
  • iPhone
  • Blackberry
  • Android Tablet
  • Windows Phone
  • iPad
  • Tor
  • KaiOS

Free online social media and network service connecting people with friends, family, classmates and more.

AlternativeTo