By Andrew Irumba
Facebook has admitted that hundreds of millions of its users had their account passwords stored in plain text and searchable by thousands of Facebook employees.
It also admitted to have mishandled sensitive passwords for hundreds of millions of its users, primarily those who use its Facebook Lite product. The disclosure casts doubt on the company’s abilities to protect its users’ information as it focuses more on privacy. (www.thenaturalresult.com)
In a blog post on Thursday prompted by a report by cyber-security reporter Brian Krebs, it admitted it didn’t properly mask the passwords of hundreds of millions of its users and stored them as plain text in an internal database for years that could be accessed by its staff.
The company said that the discovery of the exposed passwords was made during a security review in January and launched an investigation. Facebook did not say how long it had been storing passwords in this way.
The Company admitted that none of the passwords were visible to anyone outside of Facebook, but logs were accessible to some 2,000 engineers and developers as Krebs said.
“To be clear, these passwords were never visible to anyone outside of Facebook and we have found no evidence to date that anyone internally abused or improperly accessed them,” Pedro Canahuati, a Facebook vice president wrote on Thursday in a post titled, “Keeping Passwords Secure.”
“Facebook typically” masks people’s passwords when they create an account so that no one at the company can see them,” he added.
Hundreds of millions of users of Facebook Lite had been impacted, while tens of millions of regular Facebook users and tens of thousands of Instagram users were affected, the company said.
Facebook Lite, a simplified version of Facebook designed to work on slower internet connections, is popular among people in parts of the world with less connectivity. The Company admitted notifying affected users.
Keeping passwords hashed, or encrypted is widely regarded as fundamental to cyber security.
“Encrypting passwords is Security 101,” said Marcus Carey, the CEO Threat care, an Austin cyber security company. “If they can’t get the basic principles of cyber security right, they are surely failing on the tougher challenges.”
It’s not the first time that Facebook encounters cyber security problems
In September, the company faced a number of cyber security problems; an attack on Facebook exposed the private profile information for nearly 50 million of the social network’s users.
Facebook announced in December it exposed the private photos as many as 6.8 million users without their permission.
Earlier this month, the company said it was pivoting to a privacy-focused model by adding end-to-end encryption to its various messaging services.
How Facebook Protects People’s Passwords
The Company admits masking people’s passwords when they create an account so that no one at the company can see them.
In security terms, Facebook “hashes” and “salts” the passwords, including using a function called “scrypt” as well as a cryptographic key that lets it (Facebook) irreversibly replace user’s actual password with a random set of characters.
purchase cialis online [url=https://tadalaccess.com/#]cialis patent expiration date[/url] what is the generic for cialis
cialis stopped working [url=https://tadalaccess.com/#]Tadal Access[/url] generic cialis available in canada
cialis generic over the counter [url=https://tadalaccess.com/#]TadalAccess[/url] cialis online overnight shipping
cialis for daily use [url=https://tadalaccess.com/#]cialis from mexico[/url] cialis indien bezahlung mit paypal
tadalafil pulmonary hypertension [url=https://tadalaccess.com/#]ambrisentan and tadalafil combination brands[/url] when to take cialis for best results
cialis side effects forum [url=https://tadalaccess.com/#]cialis over the counter in spain[/url] cialis brand no prescription 365
tadalafil citrate liquid [url=https://tadalaccess.com/#]best reviewed tadalafil site[/url] cialis where can i buy
vardenafil tadalafil sildenafil [url=https://tadalaccess.com/#]Tadal Access[/url] cialis how to use
generic cialis 20 mg from india [url=https://tadalaccess.com/#]TadalAccess[/url] tadalafil citrate liquid
buy cialis online usa [url=https://tadalaccess.com/#]tadalafil hong kong[/url] tadalafil softsules tuf 20
tadalafil tablets [url=https://tadalaccess.com/#]Tadal Access[/url] does tadalafil work
tadalafil and ambrisentan newjm 2015 [url=https://tadalaccess.com/#]Tadal Access[/url] cialis 100mg
buy cialis in toronto [url=https://tadalaccess.com/#]tadalafil generic headache nausea[/url] canadian pharmacy cialis 20mg
mantra 10 tadalafil tablets [url=https://tadalaccess.com/#]Tadal Access[/url] cialis manufacturer coupon free trial
where buy generic clomid for sale [url=http://clomhealth.com/#]how can i get clomid tablets[/url] how to buy cheap clomid no prescription
no doctor visit required [url=https://maxviagramd.shop/#]buy generic Viagra online[/url] discreet shipping
affordable ED medication [url=http://zipgenericmd.com/#]discreet shipping ED pills[/url] generic tadalafil
pin up вход [url=https://pinuprus.pro/#]пин ап казино официальный сайт[/url] пин ап вход
вавада [url=http://vavadavhod.tech/#]вавада казино[/url] вавада официальный сайт
pin-up casino giris [url=http://pinupaz.top/#]pin-up[/url] pin up az