Tech giant Meta has been scrutinized for its shocking behavior in terms of storing user passwords. The company was recently fined a whopping $101 million USD (or 91 million euro to be exact) for the behavior by Irish officials.
Millions of user passwords were not only stored in plain text but they were also shared with the company’s employees, being accessible to the masses. As one can expect, it’s a major cardinal sin that the tech giant took part in.
Facebook’s parent firm first shared the security lapse at the start of 2019. Meta revealed that apps connecting to its platforms logged user passwords in plaintext, stored in a database accessed by 2,000 engineers over 9 million times.
This is why the company has been investigated by officials for the past five years. The officials mentioned that during the time of this error, it found a routine security review of the firm’s internal network and how it was storing data. They further revealed how no other evidence was present including alarming signs of accessing passcodes or passing on the same details to those outside the organization.
Despite all the reassurances that Meta has been providing, time and time again, the matter is questionable. It’s a major security lapse on the part of a leading tech giant. The fact that the world of tech has seen so many great practices for storing passwords cryptographically and these being so easily accessible, raised questions on Meta.
One of the best practices includes using one-way cryptographic algorithms that give rise to a long string of characters that are unique for plaintext. Since the conversion works in a single direction, there’s no way to convert it reversely. This is why so many different countries around the globe make use of this and they’ve been mandated by various global laws.
Hashing algorithms are the safest bets for companies as they entail protection that insulates stakeholders from danger in case when hacking databases are on the rise. They work in a single direction so the only way to get plaintext passwords is to make an estimate or a guess.
Read next: OpenAI On The Verge Of Raising Prices For ChatGPT Subscriptions By This Year’s End
Millions of user passwords were not only stored in plain text but they were also shared with the company’s employees, being accessible to the masses. As one can expect, it’s a major cardinal sin that the tech giant took part in.
Facebook’s parent firm first shared the security lapse at the start of 2019. Meta revealed that apps connecting to its platforms logged user passwords in plaintext, stored in a database accessed by 2,000 engineers over 9 million times.
This is why the company has been investigated by officials for the past five years. The officials mentioned that during the time of this error, it found a routine security review of the firm’s internal network and how it was storing data. They further revealed how no other evidence was present including alarming signs of accessing passcodes or passing on the same details to those outside the organization.
Despite all the reassurances that Meta has been providing, time and time again, the matter is questionable. It’s a major security lapse on the part of a leading tech giant. The fact that the world of tech has seen so many great practices for storing passwords cryptographically and these being so easily accessible, raised questions on Meta.
One of the best practices includes using one-way cryptographic algorithms that give rise to a long string of characters that are unique for plaintext. Since the conversion works in a single direction, there’s no way to convert it reversely. This is why so many different countries around the globe make use of this and they’ve been mandated by various global laws.
Hashing algorithms are the safest bets for companies as they entail protection that insulates stakeholders from danger in case when hacking databases are on the rise. They work in a single direction so the only way to get plaintext passwords is to make an estimate or a guess.
Read next: OpenAI On The Verge Of Raising Prices For ChatGPT Subscriptions By This Year’s End