"Keeping passwords safe" (Keeping passwords) is the owner of the publication with which Facebook mentions one of its biggest security vulnerabilities to date. And taking this into account, this was acknowledged a few months ago (September 2018) 50 million accounts have been affected by a security breach which she left to expose. And only one year (March 2018) to make his connection with Cambridge Analytico come to a day for incorrect use of user data.
Now they come back to the foreground. But "protect your passwords" is just the opposite of what they did. In particular, this is evident hundreds of millions of Facebook user passwords were saved in plain text (when you are reading these lines, without any encryption) in social networking systems. The serious thing is, yes thousands of employees on Facebook You could do simple searches to find these passwords unprotected.
The social network in its blog acknowledges that "as part of a security routine in January, we found that some user passwords were saved in plain text in our internal storage systems."
Security analyst Brian Krebs He was the first to reveal himself in his blog, explaining that one of his sources on Facebook drew attention to this fact. A few hours later, the social network was recognized.
In particular, the research has shown that they are among them 200 and 600 million passwords which could be stored in this way that they could find more than 20,000 employees on the social network.
Facebook was a social network that was most affected by this failure, but it is not the only one. Users InstagramThe social network owned by Facebook has been the victim of this failure, only to a lesser extent.
Some passwords could be so exposed since 2012.
What can you do as a user?
Facebook has around 2,700 million users worldwide. Hundreds of millions of potential users had a large share.
The social network explains in its blog that yes inform the affected users. "We estimate that hundreds of millions of Facebook Lite users will be notified, tens of millions of other Facebook users, and tens of thousands of Instagram users," they say.
Nevertheless, it is the best that users can do Facebook and Instagram change passwords as soon as possible.
It is also highly recommended to activate another factor of authentication, which means that you do not only have to enter a user name and password to access the social network, but you also need to enter a code that will be sent using another method, such as a web application, an authentication application, or an SMS.