It turns out that Facebook’s own company has acknowledged that it has hundreds of millions of passwords stored in plain text. Something that has set off the alarm of users, or at least of those who know how the world of cybersecurity works a bit. If you don’t know what this means or what it means to have the passwords saved in plain text, we will tell you about it to give you an idea.
It has been the users of Facebook Lite, who suffer from this problem, and a few hundred thousand users of Instagram. You may not use Facebook Lite, but it is very possible that you do use Instagram (since it is more popular than Facebook Lite), so you could be one of those affected.
Passwords in plain text, against security
Normally, passwords are saved with a special encryption, which for whatever reason, if they managed to hack Facebook’s servers in a hypothetical case. Once inside, they would have to crack the passwords in order to access them. But having the passwords stored in plain text means that they have them in a text like the one you are reading right now, without any special encryption or anything to protect them.
In fact, some of Facebook’s own employees can access these passwordsWe like to think that if a person works in a company as large as Facebook, they will not have malicious intentions or do anything with this information, but you never know.
It was researcher Brian Krebs who spotted the problem, who showed that they were logging the data from unencrypted passwords and storing it on their servers. At first I only detected it from January 2019, but he delved a little more into the matter until he found similar practices since 2012. Something worrisome, without a doubt.
Facebook has admitted it, but says it has downplayed the problem, although we don’t know how. DThey say the data has not been seen by anything outside the company, and no evidence has been found that the data has been handled by someone outside, and even that it has been misused within the company itself. But due to all the controversies in recent years, some users do not trust these statements.
Scott Renfro, a Facebook software engineer, says that you won’t need to change passwords, but in the statement, they explain how to change your account’s passwords, if you want to.
What do you think? Do you think Facebook will lose more users?