📅 December 11, 2017     🕐 2 minutes read

You Can Login To Facebook With The Wrong Password

typing the wrong password will still allow you to login to Facebook

I’ll be honest with you. I don’t use Facebook much. I’ll log in once in a while to see what my 400+ “close friends” are up to, scroll twice and log out.  But usually I get on Facebook just to do a quick post on FSM’s page.

You might care more about Facebook than I do. And don’t worry… next time you log in, if you type in the wrong password, you’ll still get in.

Here’s the deal. Let’s say your FB password is “password”. You can type “1password” or “password1” ( or replace “1” with any other character ) and you’ll still be able to get in.

I’m not a security expert so I can’t explain why is this allowed. But in my book, no matter what the reason is, it’s a security flaw. I’m also a bit paranoid ( maybe too strong of a word ) and my first thought was…. OK, once people will figure it out it will be all over the news and then Facebook will prompt users to change their passwords.

Once a user changes his/her password, next step will be to “upload a clear photo of your face“. And I suppose you can figure it out why they want you to do that. To keep you safe. Wink wink.

To be clear, I’m not saying that’s the reason behind it. I’m only saying that this was my first thought. So in the meantime, you might want to turn on two-factor authentication by going to Settings > Security and Login. You might also want to use the “Recovery Codes” for 2FA, but if you want to use the SMS option, do me a favor and use a prepaid SIM not your actual number.


FSM has no ads or affiliate links. Your support would simply pay for our servers, domain and maintanance. If there's any leftover change, we'll get some coffee and a slice of pizza.

Monero (XMR) 43GnqUNJrTi9QyL7kEH8vM8pgWGCE6bjv1FSRipeNMM4TTeNnUVsRBb6MfMpQYxtLE7ReonxVVSXz2rFCEdW5H11LC3x73b
Bitcoin (BTC) 1Hfuq77gKKFJeNcq4EP4dQK3yDRWrFEwJR
Bitcoin Cash (BCH) qzmdm6e6q5wf2p6sxz2mst7cenz60newwc5m4e9js8
Ether (ETH) 0x5f02869278C24A6579d3820f52AD15936D6F9d69
More content?