Facebook Now Checks and Notifies Users if Passwords Have Been Stolen

Advertisement
By NDTV Correspondent | Updated: 21 October 2014 12:31 IST
In a bid to keep its users' accounts safe, social networking site Facebook has created an automated service that monitors the web for stolen email addresses and passwords.

The service checks credentials to see if they match those being used on Facebook.

Once it finds a set of stolen credentials, it passes the data into a programme that analyses it in computer language.

An automated system then checks it against the Facebook database to see if any of the email addresses and hashed passwords match login information on Facebook.

Advertisement

"Theft of personal data like email addresses and passwords can have larger consequences because people often use the same password on multiple websites," Facebook's security engineer Chris Long wrote in a Facebook post.

Advertisement

"We built a system dedicated to further securing people's Facebook accounts by actively looking for these public postings, analysing them and then notifying people when we discover that their credentials have shown up elsewhere on the Internet," he said.

If it finds a match, Facebook notifies the affected user the next time they log in and guides them through a process to change their password.

Advertisement

1. Once we find a set of stolen credentials, we pass the data into a program that parses it into a standardized format.

2. After the data has been downloaded and parsed, an automated system checks each one of them against the Facebook internal databases to see if any of the email addresses and hashed passwords match valid login information on Facebook. We hash each password using our internal password hashing algorithm and the unique salt for that person. Since Facebook stores passwords securely as hashes, we can't simply compare a password directly to the database. We need to hash it first and compare the hashes.

Advertisement

3. If the email and hash combination doesn't match, we don't take any action. A mismatch indicates that the stolen password is different than the password you use on Facebook, and therefore an attacker wouldn't be able to use that password to access your Facebook account.

4. If the email address and hash combination does match, we will notify you the next time that you use Facebook and guide you through a process to change your password. Changing your password will invalidate the stolen password and help protect Facebook account.

Written with inputs from IANS
 
Post your comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Further reading: Facebook, Social, Social Media
Google Nexus 6 Confirmed to Go Up for Pre-Order on October 29
Samsung Galaxy S5 and Galaxy S5-LTE Prices Slashed in India
Advertisement

Related Stories

WhatsApp Said to Be Testing Feature That Lets You Import Profile Photos from Facebook or Instagram
28 July 2025
Meta Introduces Stringent Measures Against Unoriginal, Improperly Reused Facebook Content
15 July 2025
Meta Verified Users Claim ‘Useless’ Customer Support Amid Account Bans Despite Paying for Subscription
3 July 2025
Facebook Reportedly Asking Users Access to Private Media in Camera Roll for Meta AI Features
30 June 2025
YouTube Exemption From Australian Teen Social Media Ban Opposed by Regulator
24 June 2025
Popular on Gadgets
Latest Gadgets
Popular Mobile Brands
#Trending Stories
  1. Amazon Great Indian Festival Sale: Deals on Smartphones, Laptops Teased
  2. From iPhone 17 to New Apple Watch Models: What to Expect from Apple Event
  3. Realme Watch 5 Design, Key Features Leaked Ahead of Debut
  4. OpenAI Shares Plans to Better Protect Teenagers, Distressed Users
  5. Redmi 15 5G, Note 14 Pro Prices Dropped During Diwali With Xiaomi Sale
  6. Apple Rolls Out iOS 26 Beta 9 for iPhone Ahead of iPhone 17 Launch
  7. Oppo Enco Buds 3 Pro Available for Purchase in India: See Price, Offers
  8. Sennheiser Momentum 4 Wireless 80th Anniversary Edition Launched in India
  9. Realme's 10,000mAh Battery Concept Phone Could Become a Reality Next Year
  10. India and US Investors Create IDTA to Invest in Indian Deep Tech Startups
#Latest Stories
  1. Apple Rolls Out iOS 26 Beta 9 Update for iPhone With Bug Fixes Ahead of iPhone 17 Launch
  2. BCCI Says Crypto, Real Money Gaming Platforms Can’t Bid for Team India’s Title Sponsorship
  3. Scientists Discover Hidden Mantle Layer Beneath the Himalayas Challenging Century-Old Theory
  4. Astronomers Propose Rectangular Telescope to Hunt Earth-Like Planets
  5. Microsoft Testing Native Clipboard Sync Feature to Share Text Between Windows PCs, Android Devices
  6. Su From So OTT Release: When and Where to Watch This Kannada-Language Horror-Comedy Online
  7. Sennheiser Momentum 4 Wireless 80th Anniversary Edition Launched in India With Up to 60 Hour Battery Life
  8. Call of Duty Film Adaption Said to Be a 'Priority' at Paramount, Negotiations on to Acquire Rights
  9. Cannibal Solar Storm May Trigger Auroras as Powerful Geomagnetic Storm to Hit Earth Soon
  10. Apple's iPhone 8 Plus Listed as Vintage Product Ahead of iPhone 17 Launch, 11-Inch MacBook Air Now Obsolete
Gadgets 360 is available in
Follow Us
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2025. All rights reserved.