Tag Hartman-Simkins

Facebook Stored “Hundreds of Millions” of Passwords as Plain Text

by Victor Tangermann
3.21.19

Time to change your password again.

Plain Text Passwords

In a damning privacy revelation, Facebook admitted to storing “hundreds of millions” of account passwords in plain text, a flabbergasting breach of good data security practices.

“As part of a routine security review in January, we found that some user passwords were being stored in a readable format within our internal data storage systems,” reads a post published today, written by Pedro Canahuati, Facebook’s VP Engineering, Security and Privacy.

“No Evidence” of Abuse

200,000 employees could see the passwords, The Verge reports. According to cybersecurity reporter Brian Krebs, who first identified the flaw, between 200 and 600 million Facebook users are affected.

That news is especially grim for users who recycled old passwords across different sites. But the exact fallout of the mistake remains unclear.


“To be clear, these passwords were never visible to anyone outside of Facebook and we have found no evidence to date that anyone internally abused or improperly accessed them,” Canahuati wrote.

Industry Standard

The industry standard practice for storing sensitive information such as passwords or user account names is called “hashing,” meaning passwords are stored locally as a seemingly random set of characters instead of in readable form, making it harder for hackers to make use of stolen credentials.

Facebook advised its users in the post to change their passwords for both Facebook and Instagram.

“Pick strong and complex passwords for all your accounts,” Canahuati wrote. “Password manager apps can help.”


READ MORE: Facebook stored hundreds of millions of passwords in plain text [The Verge]
