Jump to content


Facebook flaw bypasses password protections

facebook security

  • Please log in to reply
2 replies to this topic

#1 GreatMarkO



  • 508 posts
  • Joined: 01-August 11
  • Location: UK

Posted 03 November 2012 - 12:09

From BBC News:
"Facebook has moved quickly to shut down a loophole which made some accounts accessible without a password.
The bug was exposed in a message posted to the Hacker News website.
The message contained a search string that, when used on Google, returned a list of links to 1.32 million Facebook accounts.
In some cases clicking on a link logged in to that account without the need for a password. All the links exposed the email addresses of Facebook users."

Source: http://www.bbc.co.uk...nology-20180229

Before anyone panics, FB say they have fixed the flaw "turned the feature off until we can better ensure its security"

#2 Growled


    Neowinian Senior

  • 41,508 posts
  • Joined: 17-December 08
  • Location: USA

Posted 11 December 2012 - 23:12

I hope they've gotten it fixed.

#3 Ambroos


    Neowinian Senior

  • 6,232 posts
  • Joined: 16-January 06
  • Location: Belgium
  • OS: OS X Yosemite / Windows 7
  • Phone: Sony Xperia Z2

Posted 11 December 2012 - 23:20

I never was a big fan of those links that automatically log you in to a website. It's really weird when you're suddenly logged in on a new computer or browser. Just let people enter their passwords.