Facebook Security Tactics Include Searching for Stolen Passwords

While we were busy feeling lazy enough to create new passwords for every website, Facebook was plainly trying to proactively search for any password dumps on the Internet that could lucifer a user's password on the social networking site. This calendar week, we saw Dropbox suffering a slight blow when a post on Reddit made rounds offer Dropbox account IDs and passwords in exchange for some Bitcoin donation. The incident was one of the many where the lack of security had to do nothing with the service itself. While all these top networking, mailing and storage services on the Internet do their best past keeping their servers strong and impenetrable, it is ofttimes at the user'due south end where the security gets breached.

-Millions of Dropbox Passwords Leaked Online In Substitution for Bitcoin Donations

Latest Facebook security mensurate:

Due to the fact that a plenty of users still don't take the results of reusing passwords on multiple websites seriously, cases like the Dropbox incident practice happen regardless of their proportion of ill-upshot. To thwart such incidents where services get compromised considering of countersign dumps, Facebook has announced today a new solution to the trouble. In this solution, folks at Facebook security department actively trawl the Internet specially the anonymous posting sites for leaked passwords. They would then try out those passwords on Facebook accounts and in instance of a hit, automatic reset of the password and user notification would happen. Concerning a privacy aspect of such trial and error game, Facebook assures that it's "completely automated process that doesn't crave u.s. to know or store your actual Facebook countersign in an unhashed form. In other words, no one here has your plain text password."

Facebook believes that in case of reuse of passwords which are and then establish in such anonymous files, the visitor volition get to know about the breach earlier the criminals do, hence securing the terminate user. Facebook warns about users reusing their password affecting their own security, only withal proactively tries to make Facebook security as strong as possible,

The trouble of password reuse on multiple websites is endemic and well documented. The risks are also clear: if you lot apply the same password on lots of websites, an attacker simply has to become your password one time to exist able to access all of those accounts. Managing many dissimilar passwords can be daunting, merely picking a adept password manager that you trust can brand the process much easier.

Again, try to create new countersign for every website yous sign upward for. Use password managers to aid y'all out in creating potent passwords and memorizing them for you.

- Note of Chris Long, Facebook Security Engineer