|Social Media Company Facebook is said to be well prepared in privacy problems as the sire is able to access passwords easily because it only uses plaintext as a format / Photo by: Jimmy Baikovicius via Flickr|
Facebook seems to be well assured on its handles on user privacy even as Brian Krebs, a cybersecurity reporter, revealed that the company actually is able to access account passwords very easily because they were formatted in nothing more than plaintext.
According to Tech Crunch, it was on Facebook’s blog post Thursday in which they confirmed this to be true, which has subjected the social media platform to public criticism once more. In January, rumors about this particular nugget of information from the company arose when Pedro Canahuati, the VP of engineering, security, and privacy of Facebook revealed that this was part of the company’s routine security review.
Canahuati assured, though, that these passwords were only available to people who work on Facebook, or about 2,000 engineers and developers who have access to literally anyone’s account. Facebook CEO Mark Zuckerberg had already clarified in a previous hearing that they will never voluntarily do anything with their users’ information, but recent data breach incidents had only stirred people’s paranoia on the matter.
On top of that, the 2012 bug that shook both Facebook and their users was actually brought forward by Krebs, about which Canahuati assured that the company has ample systems to counteract these issues.
Canahuati said that a Facebook system has even managed to detect the bug, thanks to the company’s login systems being “designed to mask passwords using techniques that make them unreadable.” He also gave assurance that the company had not found anything that points to the fact that the information was used in any abusive or improper way.
However, more of this sort of information doesn’t serve the company well, especially since there are even recent reports that Facebook is on its way to possibly another scandal when it reportedly “allowed other tech companies to access account data without consent” from the users.