Facebook stored millions of user passwords in plaintext

Comments are off
1
Marcelo Orlandi
Facebook stored millions of user passwords in plaintext

We have often discussed the importance of keeping your passwords secure: to not store them in any visible place and even the ever-growing phishing credentials method.

However, even if you take all the precautions you probably still rely on a third party provider to keep your password stored safely somewhere. That third party provider can be your Yahoo email account, Gmail, Facebook, and many other websites and portals where you had to create an account in order to use their systems.

This time, Facebook was found to be storing millions of Instagram passwords in plain text. The worst part of this is that one of those passwords could be yours. We typically believe that big companies, such as Facebook, should have security in mind in every step along the way, but as you can see that is not always the case. A silly mistake left “hundreds of millions” of unencrypted passwords on the social network’s internal servers.

 

The company communicated that they will notify the users affected.

If you have not received any notification from Facebook or Instagram I strongly suggest you change your passwords to be safe. And as always, keep it completely different from any other password you have out there.

Now, the next question is how long were those passwords being stored in plain text before becoming public? This is a question to which we may never know the answer…

If you have not already set up and activated two-factor authentication, it may be time to go back and reread the “Why should I use multi-factor authentication?” post from August of last year.

 

And as always, be safe out there, until next Malware Monday.