Facebook Buys Your Leaked Passwords From Black Markets, Here’s Why


facebook-buys-passwords-black-marekt-1Short Bytes: Facebook’s Chief Security Officer Alex Stamos has revealed that Facebook buys leaked passwords from black markets. The company does this exercise and matches the leaked passwords with the encrypted passwords of the users. This way, Facebook alerts the users who use weak passwords.

Facebook is a technology giant that has to manage tons of data on the daily basis. Its size and scope also make it one of the top targets of the notorious hackers who keep looking for any opportunity to breach data. To avoid such mishaps and scandals, Facebook tries to take every possible measure.

At the Web Summit 2016 tech conference in Portugal, the blue network’s chief security officer, Alex Stamos, told how safety is bigger than security. In the wake of the recent data breaches and hacks, he said, “It turns out that we can build perfectly secure software and yet people can still get hurt.”

After the data breaches, the stolen credentials are readily available on the black market. Soon after any leak, cyber criminals buy them and try out their luck. Talking about the same risk, Stamos said that the reuse of passwords is the biggest culprit in causing the harm on the internet.

Facebook buys leaked passwords to keep the users safe

Facebook CSO revealed that the social network buys passwords that are sold on the black markets. Facebook does this to check if the users are using those common passwords in their accounts. The company obtains those passwords and cross-references them with the encrypted passwords used by the people.

While this task is computationally heavy, the social network has been able to help millions of users by notifying them to change their weak passwords. He also said that the concept of usernames and passwords is outdated as it’s an idea that came out of 1970s mainframe architectures.

Apart from this measure, Facebook also gives options like two-factor authentication, activity monitoring, remote logout, identifying faces of friends etc. to help the users. The users should use them and ensure a secure internet experience.

Have something else to add? Don’t forget to drop your feedback in the comments section below.

Also Read: How To Build A “USB Password Generator

Similar Posts