New Delhi -°C
Today in New Delhi, India

Sep 19, 2019-Thursday



Select city

Metro cities - Delhi, Mumbai, Chennai, Kolkata

Other cities - Noida, Gurgaon, Bengaluru, Hyderabad, Bhopal , Chandigarh , Dehradun, Indore, Jaipur, Lucknow, Patna, Ranchi

Friday, Sep 20, 2019

Facebook exposes millions of passwords: Here’s how you can protect your account

Facebook’s latest security flaw exposes millions of passwords in readable text. Here’s what you need to do to protect your account.

tech Updated: Mar 22, 2019 12:39 IST
Marcia Sekhose
Marcia Sekhose
Hindustan Times
Facebook’s security flaw exposed passwords of millions of users.
Facebook’s security flaw exposed passwords of millions of users.(AP)

Facebook on Wednesday disclosed a critical flaw on its social networking platform that exposed millions of users passwords to its employees. The company said the passwords were stored in plain text format on its internal servers. Facebook said it has now fixed the glitch.

Facebook in a blog post said it discovered the passwords in “readable format” during a routine security review in January. The social media giant also assures that the passwords did not leak outside the company, and were not misused in any way. It’s also not clear how long the passwords were out in the open.

Affected users

Facebook’s security flaw exposed passwords of millions of users. This primarily affected “hundreds of millions” of Facebook Lite users, “tens of millions” of Facebook users, and also “tens of thousands” of Instagram users. Instagram users who login to the app through Facebook are likely to be affected.

ALSO READ: What is Facebook’s View As feature and why has it been disabled

Here’s what you need to do

Facebook will alert users who were affected by this security flaw. It also urges all users to change their Facebook and Instagram passwords immediately irrespective of being affected or not.

“Hashed passwords still need to be cracked before they can be used; plaintext passwords are the real deal without any further hacking or cracking needed,” Paul Ducklin, a senior technologist at Sophos, said.

Facebook users are also advised to use two-factor authentication (2FA) for better security. 2FA requires a security code which will be sent to the registered phone number of the Facebook user.

For those who do not wish to share their phone number can use third-party authentication apps like Google Authenticator. These apps generate a security codes every time you login to Facebook.

First Published: Mar 22, 2019 12:38 IST