Is Facebook Really Protecting Its Users And Their Passwords?

Opsahl, Kurt. Facebook’s Eroding Privacy Policy: A Timeline. April 28, 2010. Retrieved from https://www.eff.org/deeplinks/2010/04/facebook-timeline

Facebook is once again making their users question whether the social media platform can really be trusted with users private information. This time it is with passwords and the lack of protection.

Every time we go on the internet and visit our favorite social media platforms (Facebook, Instagram, Twitter, Snapchat, and so on), we expect that those in charge of privacy and security are doing their jobs and watching out for us. But it seems that Facebook is once again highlighted for not doing just that. That Senate hearing wasn’t enough of a wake-up call I guess.

According to Pierre Schneidermann (konbini.com), he writes that a blog “KrebsonSecurity, written by a former reporter at the Washington Post revealed that Facebook, unfortunately, saved hundreds of millions of account passwords in plain text” (Scneidermann 1). Schneidermann explains that when users create passwords and save them on a social media platform, like Facebook, that they “…undergo a series of transformations called hashing that makes them impossible to crack” (Scheidermann 1). How can it be that Facebook claims to continue to try to build back their users trust and expect to add new users everyday when they can’t even protect our passwords properly? If this process is supposed to happen every time we create or update our password, then how come Facebook can’t seem to actually make sure “hashing” happens?

I have been a Facebook user for almost 10 years and the more stories I read online and watch on the news about their lack of being able to protect my information, the more I seriously consider whether or not I will continue to keep my profile. And I’m sure I’m not the only person who feels this way. But even if I deactivate my account, it doesn’t mean that it is off the internet for good. All of my data is still present out in there on the web, for hackers and other cyber people to find and exploit. So, our accounts are never really safe, even when we think they are from deactivation.

Another point that is even more alarming that Schneidermann brings up is that this latest password scandal is not just about keeping Facebook passwords safe but Instagram ones as well! Many users use these two apps together to upload our favorite photos from the beach or a date or of our cute dogs and cats, sending the same photos and descriptions to both platforms. Schneidermann says that “the company admits that hundreds of millions of Facebook Lite users, tens of millions of other Facebook users, and tens of thousands of Instagram users are concerned by this error” (Scheidermann 1). Technology changes fast but hackers change just as fast if not faster which means they can and will find a way to hack into as many accounts as possible in the hopes of not only scaring but hurting as many users as possible. And if users have linked their social media accounts with the same passwords, then they are even more vulnerable.

Facebook needs a serious overhaul of staff or an oversight committee to come take over the company because clearly Mark Zuckerberg is more focused on Facebook Watch shows and making more money off of ads and the stock market than making sure the platform is safe and protecting his users. Didn’t he think about this in that garage all those years ago? That users would only use his platform if they felt he could be trusted? Maybe he needs to go back to those garage days and get a refresher course of those struggling days and nights because his team is not doing their jobs day in and day out. Though Schneidernmann does have a quoted source from VP of Privacy Pedro Canahuati saying” ‘We have found no evidence to date that anyone internally abused or improperly accessed them’ ” (Schneidermann 1). While that is doing damage control and hopefully Canahuati is correct, I’m still not so convinced that Facebook is doing everything in its power to protect its users.

So as always, change all of your passwords, review your privacy settings, and make sure that your account is secure and to the setting you personally set them to. Doing our do diligence is our best defense because security is very important. Keeping our information private if we so choose is also important. Trusting those whose jobs it is to do this is clearly not something users should leave up to the professionals to do entirely, at least on the most basic level of passwords and other sensitive information. I wonder how many more nails can be driven into Facebook’s coffin until it is the final one? I guess we’ll just have to wait and see. But in the meantime, be smart and thoughtful online and watch out for your account and your family and friends accounts too. Be the security team for Facebook or start considering if it is really worth still having an account at all.R