Change Your Password Now Because Facebook Stored Passwords in Plaintext

Facebook has had a lot of controversial happenings within the past year and this year. As a matter of fact, they’ve been involved in some court hearings and a lot of discussions regarding privacy of data and the personal information of millions of people.

Facebook Plain text Password
This image was taken from Media Post || || Facebook had a security breach where they stores passwords in plaintext

Having that said, it’s pretty complex to try and summarize all of the concerns users and privacy experts have as regards the privacy of Facebook. They’ve been tagged as misusing the information from the Cambridge Analytica scandal, to a low and unsophisticated security because people can breach the systems. Now, it’s a totally different story.

Read: 81, 000 Accounts’ Private Messages Being Sold by Facebook Hackers

Last Thursday, a report about Facebook admitting and acknowledging a bug in the password management systems have been released. It was about the passwords of millions of Facebook and Instagram users being stored in plaintext in their internal platform.

The report came from Krebs on Security, is a blog about online security and privacy.

What does this mean?

Basically, this means that hundreds, even thousands of Facebook employees could have tried searching for them in order for them to gain access. More so, as per Krebs, these passwords could have been passwords created since 2012.

But is this legal?

Apparently, it actually is. Companies and some organizations can store and keep account credentials and passwords. The only requirement is that it needs to be encrypted — via hash. Hashes or hashing is a cryptographic process by scrambling the password before they actually get saved in their servers.

By doing this, the credentials are saved and needs to be encrypted first even if someone is able to infiltrate through their systems and servers.

Read: Tech and IT Expert Tells Netizens to Have a Facebook Password Reset After the Security Breach

Facebook, being a billion-dollar company, is actually a fiesta for hackers. This is why they heavily invest in these encryption programs and systems to avoid embarrassment and the lack of proper security.

However, one chance nullifies all of the securities of a certain website, organization, or server that any money can buy.

Pedro Canahuati, Facebook’s Vice President of Engineering, said that they found some passwords that are kept in readable and easy-to-figure-out formats in their systems.

 As part of a routine security review in January, we found that some user passwords were being stored in a readable format within our internal data storage systems. Our login systems are designed to mask passwords using techniques that make them unreadable. To be clear, these passwords were never visible to anyone outside of Facebook and we have found no evidence to date that anyone internally abused or improperly accessed them.”.

What did Facebook do?

Facebook now corrected the logging in bug as per Canahuati. More so, they said that the organization will appropriately notify the hundreds of millions of Facebook Lite Users, Facebook users, and Instagram users that their passwords may have been exposed.

Read: Fake Facebook News Will Now be Penalized

Yes, after Facebook acquired Instagram last 2012, Instagram has been one of the well-known subsidiary companies and organizations of Facebook.

Facebook, however, does not want to reset the password for these people.

The breach, somehow, was able to aid Facebook in finding the hole in the system — the plaintext passwords and the bugs that were the reasons why they were there.

Even access tokens and other authentication processes were checked by Facebook since they already had the assumption that everything has been infiltrated.

In the course of our review, we have been looking at the ways we store certain other categories of information—like access tokens—and have fixed problems as we’ve discovered them.”

So, what do you need to do in this case?

Even after Facebook announces who were affected of this breach, it is still imperative for all Facebook users to change and modify their passwords just to be safe.

Read: Things You Should Never Share Or Post On Facebook for Safety 

As a matter of fact, doing this will not only help you have a better chance of blocking someone who might have your password, it also saves you from being part of the demographic who had their passwords saved in plaintext — unencrypted and unsafe.

How can you reset your Facebook password?

Plain text Password
This image was taken from Pixabay || || Facebook Login

There are different ways on how you can reset your Facebook password. You can reset it either via the Desktop or the browser version or via the application.

Resetting your Facebook password via Desktop

  1. Log-in to your account;
  2. Go to Settings by clicking on the drop-down arrow the top right part of the webpage;
  3. Inside Settings go to Security and Login;
  4. From there, you will see the option to change your password by clicking on Change Password. 

Resetting your Facebook password via the iOS or Android

First and foremost, you need to do it via the Facebook application itself.

  1. Open the Facebook application with your account logged in;
  2. Proceed to the option where you can go to Settings and Privacy;
  3. Once there, find the Settings option;
  4. Go to Security and Login -> Change Password

Resetting your Facebook password via Facebook Lite

If you’re unaware, Facebook Lite is an official Facebook client which allows you to utilize this popular social networking site. The only difference is that it contains a lighter app — best for low-power Android devices or those which have limited Internet connections.

  1. Open your Facebook Lite account;
  2. Proceed to Settings;
  3. After doing so, click on the Security and Login;
  4. From there, you will be able to see the option that will allow you to change your password.

Resetting your Instagram password

Now, in resetting your Instagram password, you have to utilize the application itself. Although I am not sure whether or not you can change your password via the Desktop version.

  1. Open Settings via your Instagram profile;
  2. Once you’re inside settings, proceed to Privacy and Security;
  3. Lastly, you can select Password if you look to change your Instagram password.

Read: How to Hide Location on Your Posts on Facebook

Even if your two accounts (Facebook and Instagram) don’t share the same passwords, they can be linked and fraudsters can have a way to access your Instagram account via your Facebook credentials.

If you’re tired of remembering too much passwords, there are applications you can use to help you remember your passwords safely.

This incident is just one of the many incidents where Facebook and other subsidiaries were involved. Technology is not perfect and although advancements and innovation were and are continuously developing, it still have its flaws.

As users, we need to make sure that our personal information is safe from potential people who can steal it. So, we need to make sure that we follow the best tips we can find on the Internet to keep our accounts safe and sound.

Leave a Comment