Facebook is actively checking for stolen passwords

We all know that it is wrong to reuse your passwords for different websites and services. But a lot of people are still doing that. Recently, a ton of Dropbox user IDs and passwords were posted online. Initially we all thought that Dropbox was hacked. It wasn’t. After investigation, it was revealed that attackers used stolen credentials from unrelated services to try to log in to sites across the internet like Dropbox.
This is not uncommon. That’s why I was glad when Facebook announced that they are constantly keeping a close eye on data breach announcements from other websites. Once a set of stolen credentials is discovered, Facebook will check whether the email addresses and hashed passwords match valid login information on Facebook. If there is a match, they will force a password change to protect your account.
Good job, Facebook. I hope all major websites do the same to protect their users.
I have always said that the password system is broken. We need a new way to authenticate ourselves on the internet. Until someone comes along with a better solution, we’ll have to be more careful and practice good password habits like not reusing our passwords.
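
A sketch of the kind of check described above, where leaked credentials are compared against a site's own stored password hashes. This is an added example, not Facebook's code. It assumes the dump contains recovered plaintext passwords and that the site stores a per-user salt with a PBKDF2-SHA256 hash; all names and sample data are constructed.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # assumed work factor for this sketch


def hash_password(password: str, salt: bytes) -> bytes:
    """Hash a password the same way the (hypothetical) site stores it."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)


def make_account(password: str) -> dict:
    """Build a stored account record with a fresh random salt."""
    salt = os.urandom(16)
    return {"salt": salt, "hash": hash_password(password, salt), "must_reset": False}


def flag_reused_credentials(accounts: dict, leaked_pairs: list) -> list:
    """Mark accounts whose leaked password still works here; return their emails."""
    flagged = []
    for email, leaked_password in leaked_pairs:
        key = email.strip().lower()  # dumps are messy: normalise before lookup
        account = accounts.get(key)
        if account is None:
            continue  # leaked address has no account on this site
        # Re-hash the leaked password with this user's own salt, then compare
        # in constant time so the check itself does not leak hash bytes.
        candidate = hash_password(leaked_password, account["salt"])
        if hmac.compare_digest(candidate, account["hash"]):
            account["must_reset"] = True  # force a password change at next login
            flagged.append(key)
    return flagged


# Constructed sample data: alice reused her password elsewhere, bob did not.
ACCOUNTS = {
    "alice@example.com": make_account("correct horse battery"),
    "bob@example.com": make_account("unique-to-this-site"),
}
LEAKED = [
    ("Alice@example.com ", "correct horse battery"),
    ("bob@example.com", "old-forum-password"),
    ("nobody@example.com", "hunter2"),
]

if __name__ == "__main__":
    print(flag_reused_credentials(ACCOUNTS, LEAKED))
```

Because each account has its own salt, the site has to re-hash every leaked password per user rather than compare hashes from the dump directly.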

