Monday April 22, 2019
Home Lead Story Experts Urgin...

Experts Urging Users to Change their Facebook Passwords and Turn on Two-Factor Authentication

Facebook in a blog post on Thursday said that it had fixed the issue and will be notifying everyone whose passwords it found stored this way

0
//
Facebook
Facebook in a blog post on Thursday said that it had fixed the issue and will be notifying everyone whose passwords it found stored this way. Pixabay

After a report revealed around 200-600 million Facebook users may have had their account passwords stored in plain text and searchable by over 20,000 Facebook employees, cybersecurity experts are urging users to change their passwords and turn on the two-factor authentication (2FA).

So far the inquiry has uncovered archives with plain text user passwords dating back to 2012, according to the report published this week by KrebsOnSecurity, a blog run by journalist Brian Krebs.

Facebook in a blog post on Thursday said that it had fixed the issue and will be notifying everyone whose passwords it found stored this way.

“It’s perfectly possible that no passwords at all fell into the hands of any crooks as a result of this. But if any passwords did get into the wrong hands then you can expect them to be abused,” said Paul Ducklin, Senior Technologist at global cybersecurity firm Sophos.

facebook
Facebook said it had found no evidence to date that anyone internally abused or improperly accessed the passwords. Pixabay

“Hashed passwords still need to be cracked before they can be used; plaintext passwords are the real deal without any further hacking or cracking needed,” Ducklin added.

Facebook said it had found no evidence to date that anyone internally abused or improperly accessed the passwords.

“While the details of the incident are still emerging, this is likely an accidental programming error that led to the logging of plain text credentials. That said, this should never have happened and Facebook needs to ensure that no user credentials or data were compromised as a result of this error,” said John Shier, Senior Security Advisor at Sophos.

“This is also another reminder for people who are still reusing passwords or using weak passwords to change their Facebook password to something strong and unique and to turn on two-factor authentication (2FA),” Shier said. Turning on 2FA would mean that a password alone is not enough for crooks to raid your account, Ducklin added.

facebook
Turning on 2FA would mean that a password alone is not enough for crooks to raid your account, Ducklin added. Pixabay

Facebook also asked people to change their passwords “out of an abundance of caution”.

Earlier this month, Facebook came under scrutiny for using phone numbers provided for security reasons — like two-factor authentication (2FA) — for things like advertising and making users searchable by their phone numbers across its different platforms.

ALSO READ: New Zealand PM Jacinda Ardern Receives Death Threats on Social Media

“Another security measure users can implement to strengthen their digital security postures is to use different passwords for different online accounts. Don’t use your Facebook password for any other login, particularly for personal/professional email accounts or online banking,” said Sanjay Katkar, Joint Managing Director and Chief Technology Officer, Quick Heal Technologies Limited.

“It is also a good practice to log out whenever not using Facebook, even on mobile devices,” Katkar added. (IANS)

Next Story

Facebook Still Hosting NZ Shooting Footage: Report

Facing flak, the social media giant is now exploring restrictions on who can use its “Facebook Live” feature

0
Facebook, data,photos
A television photographer shoots the sign outside of Facebook headquarters in Menlo Park, Calif. VOA

Despite Facebook’s claim that the livestreaming video of the March 15 Christchurch shooting that killed 50 people was removed from its platforms, sections of the raw footage are still available for users to watch, the media reported.

According to a report in Motherboard on Friday, certain videos on Facebook and Instagram show sections of the raw attack footage.

“The world’s biggest and most well-resourced social media network is still hosting copies of the violent attack video on its own platform as well as Instagram,” the report claimed.

Some of the videos are slices of the original 17-minute clip — trimmed down to one minute or so — and are open to be viewed by anyone.

In one instance, instead of removing the video, which shows the terrorist shooting and murdering innocent civilians from a first-person perspective, Facebook has simply marked the clip as potentially containing “violent or graphic content”.

One of the clips shows the terrorist walking up to the first mosque he targeted, and opening fire. The video does not show the full attack, and stops at the 01:15 mark.

Facebook
Facebook App on a smartphone device. (VOA)

A Facebook spokesperson, however, said “the video did violate our policies and has been removed”.

The Facebook livestreaming of the New Zealand terror attack sparked global outrage. The video was viewed over 4,000 times before it was removed.

The video was later shared in millions on other social media platforms, including Twitter and YouTube.

Also Read- Jack Dorsey Admits Twitter Makes it Easy to Abuse Others

Facing flak, the social media giant is now exploring restrictions on who can use its “Facebook Live” feature.

Earlier this month, New Zealand’s privacy commissioner John Edwards labelled Facebook as “morally bankrupt pathological liars” after the social media platform’s CEO Mark Zuckerberg tried to play down the Facebook livestreaming of Christchurch shooting. (IANS)