You Can Login To Facebook With The Wrong Password

I’ll be honest with you. I don’t use Facebook much. I’ll log in once in a while to see what my 400+ “close friends” are up to, scroll twice and log out.  But usually I get on Facebook just to do a quick post on FSM’s page.

You might care more about Facebook than I do. And don’t worry… next time you log in, if you type in the wrong password, you’ll still get in.

Here’s the deal. Let’s say your FB password is “password”. You can type “1password” or “password1” ( or replace “1” with any other character ) and you’ll still be able to get in.

I’m not a security expert so I can’t explain why is this allowed. But in my book, no matter what the reason is, it’s a security flaw. I’m also a bit paranoid ( maybe too strong of a word ) and my first thought was…. OK, once people will figure it out it will be all over the news and then Facebook will prompt users to change their passwords.

Once a user changes his/her password, next step will be to “upload a clear photo of your face“. And I suppose you can figure it out why they want you to do that. To keep you safe. Wink wink.

To be clear, I’m not saying that’s the reason behind it. I’m only saying that this was my first thought. So in the meantime, you might want to turn on two-factor authentication by going to Settings > Security and Login. You might also want to use the “Recovery Codes” for 2FA, but if you want to use the SMS option, do me a favor and use a prepaid SIM not your actual number.

FSM tries its best not to track you or allow third party services to track you. You may notice we don't use ads or social share buttons.

We don't ask for your email or any other personal info. Hell, we don't even have Google Analytics on the site. FSM tries to provide you with valuable info in a way that respects your privacy.

If you would like to support FSM consider donating with Bitcoin: 1Hfuq77gKKFJeNcq4EP4dQK3yDRWrFEwJR

Alternatively you can buy us a coffee. ( one time payment )