Could your Facebook account have been hacked?
Facebook has just confirmed that it has been hacked and that the data of about 50 Million of the 2 billion users was compromised and other 40 Million were vulnerable to the attack according to https://www.stuff.co.nz/technology/digital-living/107475683/facebook-says-50-million-users-affected-by-security-breach, users of Tinder, AirBnB and Spotify may have been greatly compromised.
In part this hack was successful do to the users setting there logins as permanently logged into their Facebook account and using Facebook logins via other apps thus people who keep logging in and out of Facebook may not be affected.
On the bright side though users may not need to change their passwords as simply logging out of Facebook may suffice to terminate the hackers access since the hackers are using Facebook built in access tokens which expire after every log out.
Technically speaking access tokens enable someone to use the account as if they were the account-holder themselves. In practice whenever you login Facebook, Facebook asks you whether you want to keep logged in implying no need for a password next time you login, thus once you clicked yes Facebook generated access tokens which act more or less like password for every login.
In fact Facebook just has to just reset the access tokens to terminate your access without requiring you to change the password.
No comments:
Post a Comment