Oops! They Did It Again

Facebook blows it on security – again!

Yesterday Facebook announced that it has improperly stored millions of user account passwords.  They were stored as “plain text” and were readable by more than 20,000 FB employees.

Once again, Facebook betrays users’ trust

Although FB claims they have seen no evidence of abuse, they have proven several times in the past year that they cannot be trusted with our data despite publicly claiming that protecting it is their first priority. An audit of FB records revealed that 2000 engineers and developers at FB had made 9 MILLION queries that included plain-text user passwords.

Here’s what you need to know and do.

  • There is no easy way to know if someone had access to your account
  • Change your password – including on any sites where you use “login with FB”
  • Set up your FB account to receive alerts when an unrecognized device logs into your account: go to Settings, Security and Login, Get Alerts
  • From that same Login page you can access “Where you’re logged in” to verify any devices that are logged in and their locations – if one isn’t you, hit “remove”

We tech nerds say it all the time, but please, make sure you use different passwords for different accounts.  If you don’t, the scary scenario is that anyone who could read your plain-text password could then use it to log in to any other account where you used it – because let’s face it, FB knows what you like and where you spend your time.

Consider using a password manager like LastPass to store, generate, and most importantly, encrypt your passwords.  If LastPass is right for you, you can use WorkingCat’s link to get your first month free by clicking here:  https://lastpass.com/f?955046

Stay safe out there!