Facebook Stored Millions of Passwords in Plain Text

Facebook is already facing some strong backlash from the community for not honouring the privacy of the users. And now, they are under serious problem due to storing the passwords of millions of users in a plain text file. The company has stored the passwords of millions of users in text format on the server. Anyone with the root access to the server could access the file of the passwords and usernames of the users. All of the times, the passwords are stored in the encrypted hashes, which is the encrypted format. But due to some issues with the strings and the hashes, the passwords were saved in plain text format.

As the passwords were stored in plain text format, anyone could easily read them if they had access to the server. Almost all of the server administrators had access to the server and to the same file that had the passwords of millions of users. Security analysis firm “Krebs on Security” found the problem and first reported to Facebook. According to the firm, most than 200 million to 600 million users had their passwords saved in the unencrypted plain text file. Any third-party access or the hacking attack on the server could be catastrophic for all of the users and also for the company.

It’s not a hollow claim from a third-party security firm, but Facebook has accepted that fact. In January, after receiving the report from Krebs on Security, the company conducted a security review and found the problem. As of now, the issue is fixed permanently, and the affected users will receive the intimation to change their passwords ASAP. Facebook is reluctant to say that the passwords were accessed by any third-party that had access to the server, legally or illegally. Even if the company fails to notify the users, everyone is suggested to change the passwords to stay on the safer side.