22nd Mar 2019
Facebook defaults (for potentially 600 million users) yet again!
ABC reports “that Facebook has left millions of user passwords readable by its employees for years, after a security researcher posted about the issue online.
By storing passwords in readable plain text — as opposed to a scrambled form, which makes it almost impossible to recover the original text — Facebook violated fundamental computer security practices.
“There is no valid reason why anyone in an organisation, especially the size of Facebook, needs to have access to users’ passwords in plain text,” cybersecurity expert Andrei Barysevich said.
Facebook said there was no evidence its employees abused access to this data — but thousands of employees could have searched them.
The company said the passwords were stored on internal company servers, where no outsiders could access them.
The incident reveals yet another oversight at a company that insists it is a responsible guardian for the personal data of its 2.2 billion users worldwide.
The security blog KrebsOnSecurity says Facebook may have left the passwords of some 600 million Facebook users vulnerable.”
LifeBank provides one sure way of ensuring that all passwords and data makes the user of LifeBank the sole custodian of it.