Last Friday 50 million Facebook users woke up and discovered that they had been logged out of Facebook. Not just one place, but on their computer, cellphone, the Messengar app and on all devices where they had used Facebook as their logon method. Facebook is saying that there’s no need for their users to do anything. Don’t listen to Facebook! Change your password now!
When people logged on to Facebook again, they got a message from Facebook telling them why they had been logged out. Turns out that Facebook had discovered a security vulnerability that could potentially jeopardise the accounts of these 50 million persons. In short, the security hole made it possible for unauthorised third parties to use the tokens that Facebook use to keep you logged in. Without these tokens, you would have to type in your username and password every time you wanted to use Facebook. Others could get these tokens, and then made use of your Facebook account.
Facebook were quick to explain that everything was under control and that nobody needed to change their password. Do not listen to this. If you haven’t changed your password already, do it now! And you should do it, whether you were among the 50 million people who were logged out or not.
Why? Because:
Facebook can’t, under any circumstances, guarantee that nobody else has access to your account. There is no way for them to see and evaluate this.
Facebook have repeatedly been caught lying or at least trying to cover up the truth about what information they are sharing about you. Mark Zuckerberg has had to appear in front of the Senate in the US, and in front of the EU parliament, to explain himself about how they are using our data to make money.
About a month ago it was also revealed that the cellphone number you add to your Facebook account, very often to use it for two factor authorisation, is not, as Facebook explain it, to increase security for you. It’s so that they can sell your phone number to phone spammers.
When Facebook are sitting on so much data about people as they are, there has to be zero tolerance for these kind of errors. You simply cannot make the system secure enough, and it should be a routine operation to change the users password when something like this happens.
If you for one second think that Facebook cares about you and your security, you will be gravely mistaken. Ok, they do care indirectly. But what they really care about is their owners and their value on the stock market. If they went public and told everyone to change their password, it would be yet another scandal in an already difficult year. This would lessen the value of their stock, and that would make for unhappy shareholders and owners. And they are the ones Facebook care about. Remember, you are their commodity.
This is how you change your password:
- Go to Settings:
- Choose Security and login. Then find the section called Login and click on Edit button behind Change password:
- In the form that comes out, you fill out your current password, and then you create a new password, which you will have to confirm in the other field:
- Click on Save Changes when you are ready
- You will be asked if you want to log out from all devices and places where you are currently logged into Facebook. Choose this and click Continue.
- You will now be taken to a list of all the places you are currently logged into Facebook. At the bottom of this list, to the right, you can choose to log out from all of these places. Do this now.
- You will be asked to confirm. Do this.
- You will now be logged out from Facebook everywhere and will have to log in again, with your new password.
So do not listen to Facebook. Change your password. Now!
What do you think of this tip? Is something unclear? Do you want to add something? Use the comment section below!