Facebook: Facebook recognizes storing passwords in plain text


Facebook, on Thursday, admitted that millions of passwords were stored in plain text on its internal servers, a security newsletter that left them readable by social networking giant employees.

"To be clear, these passwords have never been visible to anyone outside of Facebook and we have not found any evidence to date that someone internally abused or maliciously had access to them," said Pedro, vice president of engineering, security and privacy Canahuati at a blog post.

The flaw was revealed during a routine security review earlier this year, according to Canahuati.

He said Silicon Valley is expected to inform hundreds of millions of Facebook Lite users. tens of millions of other Facebook users and tens of thousands of Instagram users whose passwords may be vulnerable to prying eyes.

The basic security weakness was revealed at the height of a series of controversies focusing on whether Facebook is properly protecting the privacy and data of its users.

The basic data defense mistake would also be opposed to the "Hacker Way" mantle that Facebook co-founder Mark Zuckerberg has adopted in the social network. "One way of hacking" is the main address of the huge Facebook campus in California, Menlo Park.

Brian Krebs of KrebsOnSecurity.com's security news site reported a Facebook anonymous source saying internal research had so far shown that 600 million social network users had account passwords stored in plain text files that can search for more than 20,000 employees.

The exact number had not yet been determined, but files with unencrypted passwords were found from the year 2012, according to Krebs. "We have fixed these issues and as a precaution we will notify all passwords we have found stored in this way," Canahuati said.