Reply to post: Re: "why do social networking platforms [..] adopt much stricter password policies?"

Third of US banks OK with passwords even social networks reject

James O'Shea

Re: "why do social networking platforms [..] adopt much stricter password policies?"

"I've heard from friends who use FB that hijacking is common and FB doesn't really pursue things. So... meh on them."

Facebook 'hijacking' is trivially easy. For reasons best known to FB, <identity redacted> known to be because of <identifying feature redacted> once had some twit drop FB message traffic onto his/her/its Gmail account. This was despite <redacted> not having a FB account, but having a Gmail account one digit off of the FB twit's account. Appeals to the FB twit to stop having his allegedly private messages appear on <redacted> Gmail went unanswered. Appeals to FB admin to do something about their user went unanswered. What resolved the matter was when <redacted> used the fact that the FB account was effectively identical to <redacted> account to go onto FB and try to delete the account. After the second time this was done the FB twit got the message and the messages stopped showing up in Gmail. It was trivial to get complete control of the FB account. Security? They've heard of it.


Biting the hand that feeds IT © 1998–2019