The Day When Facebook Stored User Passwords in Plain-Text Without Encryption — Facebook Apologized :)
4 min read
Being a Tech Giant is not everything. Facebook holds majority of market in Social Media Networking Platform out there. Recently 3 days before on April 2nd 2019 Google abandoned it’s Social Media Platform ‘Google +’. Well if they would have abandoned it on 1st April it would have been April Fool’s day for the creators of Google Plus.
Well coming back to Facebook , I am sci-fan & believe “With Great Power Comes Greater Responsibility” but having so much controversies within Facebook on security aspect — Well they come with nothing A funny story happened recently when they prompt me with this funny notification. Image for post Funny yeah, But truth. Well I can’t Believe They Did it? Who does that on production system? The Fact Behind This Glitch Facebook stored millions of passwords in plain text format, change your FB password now Facebook said on Thursday it has resolved a glitch that exposed passwords of millions of users stored in readable format within its internal systems to its employees. The passwords were accessible to as many as 20,000 Facebook employees and dated back as early as 2012, cyber security blog KrebsOnSecurity, which first reported said in its report. “These passwords were never visible to anyone outside of Facebook and we have found no evidence to date that anyone internally abused or improperly accessed them,” the company said. KrebsOnSecurity, citing a senior Facebook employee, said the an internal investigation by the company so far indicates that between 200 million and 600 million Facebook users may have had their account passwords stored in plain text. Facebook said the issue was discovered in January as part of a routine security review. Majority of the affected were users of Facebook Lite, a version of the social media app largely used by people in regions with lower connectivity. The social network is also probing the causes of a series of security failures, in which employees built applications that logged unencrypted password data for Facebook users, the report said.”We estimate that we will notify hundreds of millions of Facebook Lite users, tens of millions of other Facebook users, and tens of thousands of Instagram users,” the company said. Via — Reuters For Non Technical People. It takes only few line of code to convert a plan text into cypher text. Also it’s execution won’t take much processing time for basic encryption technique like MD5.
Did you find this article valuable?
Support Salman Qureshi by becoming a sponsor. Any amount is appreciated!