Facebook Asking The Password Of Email ID Used While Sign Up

Facebook is ironically asking some of its new users to hand over their email ID passwords as a verification process to authenticate new Facebook accounts.

The San Fransisco based social-media behemoth Facebook Inc. (NASDAQ: FB) is making a prompt to some of its new users to reveal the password of their personal email ID – used while signing up with Facebook – to regain admittance to Facebook.

Whenever unsuspecting users try to sign into their Facebook account, the login tool proposes to “confirm your email address” by entering the password immediately, as reported by The Daily Beast already.

The cybersecurity adroit e-sushi in a Twitter handle reportedly exposed the Facebook’s sarcasm of necessitating the new users to inscribe the password of the email ID attached to Facebook on their log-in screen. The prompt message goes like, “To continue using Facebook, you’ll need to confirm your email,” which is then subsequently demanding users to produce the personal email ID’s password. After entering the email ID another pop-up prompts stating that Facebook is “importing contacts”, nevertheless asking the user for permission to access their personal email id’s contacts.

Hey @facebook, demanding the secret password of the personal email accounts of your users for verification, or any other kind of use, is a HORRIBLE idea from an #infosec point of view. By going down that road, you're practically fishing for passwords you are not supposed to know! pic.twitter.com/XL2JFk122l

— e-sushi (@originalesushi) March 31, 2019

With Facebook already in the clutches of recent privacy crisis, this new tool that exploits the user’s email id passwords for reaping unauthorised user’s contacts, sorts as a defective prominence for Facebook.

Whereby the request to enter the email id password is completely unclear at the instant of consequence. Facebook might have been doing so to authenticate user details, but demanding the sensitive password is utterly a deceiving move.

Nonetheless, the organisation is also extending an alternate option to detour password request by initiating the account through regular standard methods like code verification sent to a mobile phone or activating link sent to email ID. These alternative opportunities to verify the new joiners will be presented on clicking “Need help?” option present on the corner top right side end of the page.

It has been just two weeks after Facebook was reported to have collected ‘hundreds of millions’ of user passwords in ordinary plaintext. The company was found storing passwords of about 200-600 million users in plain text, which was accessible for over 20,000 Facebook employees.

Soon after The Daily Beast’s announcement, Facebook declared that it doesn’t save and collect any data. The company also added that it will stop the system of inquiring passwords completely. In a statement, Facebook said,

“We understand the password verification option isn’t the best way to go about this, so we are going to stop offering it.”

Although the pop-up asking users to confirm their email ID also states “Facebook won’t store your password” just beneath the password field, but how protected the keyed-in data are, given Facebook’s record, is an uproarious discussion for another day. This particular statement comes right after Facebook admitted to having amassed 600 million user-email-passwords in plain text that is made freely accessible by its employees.

“This is basically indistinguishable to a phishing attack…This is bad on so many levels. It’s an absurd overreach by Facebook and a sleazy attempt to trick people to upload data about their contacts to Facebook as the price of signing up,” Bennett Cyphers, a security researcher working with the EFF told the publication.

Facebook is always turned upon the spotlight when it comes to privacy and data breaches. Hence, the highest level of data protection is indeed needed from such tech giants to respect innocent people’s privacy. It is an open address to tech-savvy mighty players to safeguard their potential user’s naiveté.

Facebook Asking The Password Of Email ID Used While Sign Up

Must Read

Happy Birthday Warren Buffett: Saluting The Richest Philanthropist!

Global premium smartphone segment 2022: Accounted for 55% of the overall market revenue for the first time

Google hiked YouTube TV subscription price, blaming the rising cost of content

LEAVE A REPLY

Latest News

The Dangers Of Remote File Inclusion and How To Secure Your Web Application

60% of hardcore gamers in India spend on in-app purchases: 3x times more than casual gamers

Artificial intelligence is poised to transform the trading sector: Is it concerning?

Amazon has fired a jaw-dropping number of employees in the last 3 months: Hints a worst-ever economic downturn

Global premium smartphone segment 2022: Accounted for 55% of the overall market revenue for the first time

India’s mobile Internet speed has been improving dramatically with each passing month in 2023 [REPORT]

In-Depth: Dprime

Elon has pressed the Reset Button to redefine Twitter

Will ‘TikTok By Microsoft’ Be A Winner?

Facebook Subscription Model: Looking Beyond Ad Dollars?

UPCOMING CONFERENCES

More Articles Like This

Category

Links

Stay connected

Newsletter Signup

Facebook Asking The Password Of Email ID Used While Sign Up

Must Read

LEAVE A REPLY

Latest News

In-Depth: Dprime

UPCOMING CONFERENCES

More Articles Like This

Category

Links

Stay connected

Newsletter Signup

Subscribe to our newsletter