Facebook Automates Fight Against Hackers

  • 17 October 2014
  • 1 reply
  • 1 view

Userlevel 7
By:ristin Burnham Posted on 10/17/2014
 
Here's a sneak peek into the system Facebook uses to secure your account when other websites are hacked
 
When a hacker reportedly stole 7 millionDropbox user credentials this week, Facebook ensured that the leaked data didn't compromise your Facebook account. Today, the social network offered a peek into the system it uses to keep users' accounts secure, even when other websites are breached.
"Theft of personal data like email addresses and passwords can have larger consequences because people often use the same password on multiple websites," said Chris Long, security engineer at Facebook. "Lots of household company names have experienced the unpleasant phenomenon of seeing account data for their sites show up in these public ['paste'] lists, and responding to these situations is time-consuming and challenging."
 
 
Full Article

1 reply

Userlevel 7
Author: Zeljka Zorz HNS Managing Editor/ Posted on 20 October 2014.
 
In the spirit of November as National Cyber Security Awareness Month, Facebook security engineer Chris Long shared how the company discovers that some of its users' accounts could be compromised and preemptively pushes them towards changing the password.

The company has created an automated system that trawls public paste sites (Pastebin and such) for leaked login credentials, collects the information, compares it to the Facebook internal databases and, if a match is found, alerts and guides the user through the password-changing process.

"The Facebook Security team has always kept a close eye on data breach announcements from other organizations. Theft of personal data like email addresses and passwords can have larger consequences because people often use the same password on multiple websites," Long pointed out.

For those worried that this means that Facebook employees can easily access and see their password, he explained that the process is completely automated.

 
Full Article

Reply