Saturday, 12 November 2016 12:59

Facebook is buying stolen passwords on the web deep, but it's for a good reason


A responsibility that Facebook has with its users is that it needs to ensure that your account is not easily hackable. This means creating security systems, but there is always a problem: the most vulnerable point of any online system is the user who does not care right to their own information.

This usually comes in the form of insecure and repeated passwords. Then, no matter if the company built the Fort Knox; if someone has your email address and the password is "123456", your only chance of not being hacked is to have two-step authentication enabled. Face it: if your password really is "123456", you probably also have not activated the second verification step.

However, Facebook has taken a very unorthodox place to deal with this problem. Alex Stamos, chief security officer in the company, told CNET today the company negotiates directly with cybercrime in the deep web to buy databases with passwords stolen by hackers.

The fact is that these databases stolen end up revealing enough of human behavior on the Internet. By analyzing a huge amount of passwords, you can see patterns of which are those most recurrent, and therefore more fragile. On a bench 1 million keywords, imagine how many "123456" will not arise. Suddenly, you can see that many people are using the password "kittens", and it became dangerous.

By purchasing these stolen banks, Facebook can do this analysis and compare it with your own database (encrypted, it is true) passwords. Stamos reveals that to make this work, which is quite heavy for company computers, the social network was able to alert tens of millions of users that their passwords were not safe.

The executive explains that Facebook has the tools to offer more security to users, such as the aforementioned two-step authentication. It is the person's prerogative to use these tools or not, but the company says it is his responsibility to take care of those who choose not to activate the features.



World's leading professional association of Internet Research Specialists - We deliver Knowledge, Education, Training, and Certification in the field of Professional Online Research. The AOFIRS is considered a major contributor in improving Web Search Skills and recognizes Online Research work as a full-time occupation for those that use the Internet as their primary source of information.

Get Exclusive Research Tips in Your Inbox

Receive Great tips via email, enter your email to Subscribe.