Facebook strikes again – now asks new subscribers for passwords to their email accounts

Facebook just can’t get a break. After a long string of accusations directed at the social platform for security and privacy concerns, Facebook has now been caught using an appalling security practice – demanding new subscribers hand over the password to their email.

Just weeks after it was revealed that Facebook had stored user passwords in plain text accessible to employees, the company everyone loves to hate is now making headlines for demanding the keys to users’ electronic inbox.

First reported by a developer identified on Twitter as e-sushi and independently verified by The Daily Beast, the dubious prompt appears when someone attempts to create a new account using a non-traditional email address.

“Hey @facebook, demanding the secret password of the personal email accounts of your users for verification, or any other kind of use, is a HORRIBLE idea from an #infosec point of view,” e-sushi wrote. “By going down that road, you’re practically fishing for passwords you are not supposed to know!”

Facebook does note in fine print that the company won’t store your password, but judging by its past misuse of customer information, it’s hard to believe much of what Zuck’s company says these days.

In an emailed statement, a company spokesperson said, “We understand the password verification option isn’t the best way to go about this, so we are going to stop offering it.”

As a rule of thumb, never share the password associated with your personal email account with anyone. That password is meant to be used only by you and only with that email account. And, as always, it’s best to avoid reusing the same password across different services.

Read the original article here

You may also like


Get in Touch

Hi there, thanks for stopping by. If you need help with anything, just fill in the form below.
Alternatively, you can call us on 02392 984 730