Think your Facebook password is safe? Think again!

Facebook CEO and co-founder Mark Zuckerberg

Facebook CEO and co-founder Mark Zuckerberg

The security blog KrebsOnSecurity said some 600 million Facebook users may have had their passwords stored in plain text.

"This caught our attention because our login systems are created to mask passwords using techniques that make them unreadable", Canahuati continued.

Facebook has since confirmed the shocking security failure, but insists it has fixed the issue and has not found any evidence that the information was 'abused'.

Facebook has security measures outside of passwords that kick in if it detects suspicious login activity - such as looking out for an unusual device, cross-matching stolen passwords from data breaches on other online services, and even a physical key for certain users.

What we do know is that now would be a great time to reset your password for both Instagram and Facebook, just to be sure. Facebook engineers noticed the mistake when reviewing new code back in January of this year.

Security analyst Troy Hunt, who runs the "haveibeenpwned.com" data breach website, said the situation may be embarrassing for Facebook but not risky unless an adversary gained access to the passwords.

The news caps a long period of trouble for Facebook over the way it handles and protects user data. You can also check your Facebook account for suspicious activity.

Facebook has said that it stored millions of its users' passwords in plain text for years. The acknowledgement from the social media giant came after a security researcher posted about the issue online

Facebook said Thursday that millions of user-account passwords had been stored insecurely, potentially allowing employees to gain access to people's accounts without their knowledge. A glitch, or so Facebook wants us to believe, made hundreds of millions of users' password appear in plain text to Facebook employees.

In an interview with KrebsOnSecurity, Facebook software engineer Scott Renfro said the company wasn't ready to talk about specific numbers - such as the number of Facebook employees who could have accessed the data.

Facebook hasn't said - and likely would never say - how many people, when faced with that message last September, took it as a forced social detox and either scaled back or ceased their use of the site altogether.

Facebook Lite, which is a lighter version of the main Facebook app, is designed for areas with poor connectivity and for phones which have low-end specs.

In a statement, Facebook said it had now resolved a "glitch" that had stored the passwords on its internal network.

Keeping passwords hashed, or encrypted, is widely regarded as fundamental to cybersecurity, as passwords exist to for users to authenticate their identity without others knowing how.

Too many eggs can kill you
The study had up to 31 years of follow up, during which 5,400 cardiovascular events and 6,132 all-cause deaths were diagnosed. The sunny-side down news comes from Northwestern University researchers, who analyzed 30,000 US adults over three decades.

Recommended News

We are pleased to provide this opportunity to share information, experiences and observations about what's in the news.
Some of the comments may be reprinted elsewhere in the site or in the newspaper.
Thank you for taking the time to offer your thoughts.