Yet again, Facebook is in the news, but not for what they had hoped for. Facebook has admitted that passwords belonging to millions of users have been exposed and are under another criminal investigation.
During a security review this year it was found that the passwords belonging to Facebook users were being stored in a readable format (plain text) within their internal data storage systems.
“This caught our attention because our login systems are designed to mask passwords using techniques that make them unreadable.” – Pedro Canahuati, VP Engineering, Security and Privacy
Canahuati states that the passwords were never visible to anyone outside of Facebook. Neither have they found evidence to date that anyone internally had abused or improperly accessed them. During this review they have looked at how they store other categories of information (such as access tokens) and have claimed to fix problems as they are discovered.
What This Means For You
Facebook has stated that they will be notifying all the users affected by the security flaw. They advise users to change their passwords on Facebook and Instagram. Even if your account is not affected, it’s still good practice to routinely change your passwords every so often. To change a password in Facebook and Instagram just go into the settings on the application.
Keeping Your Accounts Secure
It shouldn’t take a event like this to start securing accounts. Here are some tips on how to keep accounts secure no matter what service or website is accessed.
- Change passwords regularly.
- Avoid reusing an old password.
- Avoid using the same password on multiple platforms.
- Use strong and complex passwords that include numbers and symbols.
- If the platform allows it, take advantage of 2FA (two-factor authentication).
- Use app passwords whenever possible.
Follow these tips and rest assured that your accounts will be safe and sound.