Facebook said it doesn’t know why the error occur despite saving passwords in encrypted forms
Facebook as we know it won’t be leaving the news anytime soon as hundreds of millions of account passwords were found on the company’s server as merely opened texts. An internal investigation commenced in January and later, it was discovered that those millions of passwords were saved in plain texts which can be potentially abused by employees of the company.
While there is no evidence yet that any staff had inappropriately accessed those passwords according to the company’s Engineering, Security and Privacy Vice president, Pedro Canahuati, this is still an absurd and messy story to begin with.
Facebook had assured that it will be notifying hundreds of millions of Facebook Lite users, tens of millions of other Facebook users and tens of thousands of Instagram users about the security issues.
According to the company, the error was found during a routine security check by the company which started earlier in January. With Facebook been the world largest social network with a monthly visitor of 2.3 Billion users, Instagram follows with a whooping 1 Billion monthly visitors. When reached for comment, a Facebook spokesperson referred to the blog post.
“This caught our attention because our login systems are designed to mask passwords using techniques that make them unreadable,” Canahuati said in the blog post. “We have fixed these issues and as a precaution we will be notifying everyone whose passwords we have found were stored in this way.”
While security glitches had been a issue with Facebook over the past couple of years, this one would be another big revelation by the company making it more doubtful to people who uses it for a more business oriented ventures.
The usual usual storage standards for passwords are encryption which changes the plain text password into a computer – only jargons that would make no sense to humans. While Facebook claims it hashes and encrypts passwords, the reason for the exposure of such a huge number of accounts’ credentials saved on the server as mere plain texts is really bothersome even though the company states it would still investigate more about this.
The social media giant isn’t alone in this sort of security shortfall. Last May, Twitterafter discovering a bug that stored them in plain text on its internal logs. Github had a similar flub revealed last May bringing us to questioning how secured our lives are on the internet.