You Can Log In To Facebook With The Wrong Password

I’ll be honest with you. I don’t use Facebook much. I’ll log in once in a while to see what my 400+ “close friends” are up to, scroll twice and log out. But usually I get on Facebook just to do a quick post on FSM’s page.

You might care more about Facebook than I do. And don’t worry… next time you log in, if you type in the wrong password, you’ll still get in.

Here’s the deal. Let’s say your FB password is “password”. You can type “1password” or “password1” (or replace “1” with any other character) and you’ll still be able to get in.
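One way a login check can behave like this without the site keeping your password in plain text, as an added sketch that is not part of the original post and is not Facebook's code: the server tries the submitted string, and the same string with its first or last character dropped, against the stored hash. The function names, the PBKDF2 parameters and the exact set of accepted variants are assumptions for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # assumed PBKDF2 work factor for this sketch


def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


def enroll(password: str):
    """Return (salt, hash); only these two values are stored server-side."""
    salt = os.urandom(16)
    return salt, hash_password(password, salt)


def candidates(submitted: str):
    """The submitted string plus the two 'one stray character' corrections."""
    out = [submitted]
    if len(submitted) > 1:
        out.append(submitted[1:])   # undo a stray leading character
        out.append(submitted[:-1])  # undo a stray trailing character
    return out


def verify_strict(submitted: str, salt: bytes, stored: bytes) -> bool:
    return hmac.compare_digest(hash_password(submitted, salt), stored)


def verify_tolerant(submitted: str, salt: bytes, stored: bytes) -> bool:
    ok = False
    for cand in candidates(submitted):  # no early exit: always hash all variants
        ok |= hmac.compare_digest(hash_password(cand, salt), stored)
    return ok


def accepted_count(password: str, alphabet: str) -> int:
    """How many distinct strings the tolerant check accepts for one password."""
    accepted = {password}
    for ch in alphabet:
        accepted.add(ch + password)
        accepted.add(password + ch)
    return len(accepted)


if __name__ == "__main__":
    salt, stored = enroll("password")  # constructed sample, as in the post
    for attempt in ("password", "1password", "password1", "passwor"):
        print(attempt, verify_strict(attempt, salt, stored),
              verify_tolerant(attempt, salt, stored))
```

Each login attempt against the tolerant check tests up to three candidate passwords instead of one, which is the cost side of the convenience.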

I’m not a security expert so I can’t explain why this is allowed. But in my book, no matter what the reason is, it’s a security flaw. I’m also a bit paranoid (maybe too strong of a word) and my first thought was… OK, once people figure it out, it will be all over the news and then Facebook will prompt users to change their passwords.

Once a user changes his/her password, the next step will be to “upload a clear photo of your face”. And I suppose you can figure out why they want you to do that. To keep you safe. Wink wink.

To be clear, I’m not saying that’s the reason behind it. I’m only saying that this was my first thought. So in the meantime, you might want to turn on two-factor authentication by going to Settings > Security and Login. You might also want to use the “Recovery Codes” for 2FA, but if you want to use the SMS option, do me a favor and use a prepaid SIM, not your actual number.