• Home
  • Technology
  • Gadgets
  • Apps
  • Play Station
  • Social Media
  • News
  • Education News
  • Contact Us !

GlobalTechWorld

  • Apps
  • Education News
  • Gadgets
  • News
  • Play Station
  • Social Media
  • Technology
  • Uncategorized
Upload

Facebook Flaw Said to Let Strangers Into Your Account, Facebook Responds

Submitted By: Loknath Das July 22, 2017 No Comments
Share Tweet +1 Pin It Share

Facebook Flaw Said to Let Strangers Into Your Account, Facebook Responds

A security researcher claims to have spotted a flaw in Facebook’s account recovery feature that can let anyone easily break into your account – that too, without you ever noticing, media reported on Friday. According to a report in the Independent, “there is no need of password to gain access and scammers can also lock you out of your own account”.

The discovery was made by 18-year-old James Martindale when he inserted a new SIM card into his phone.

 Martindale quickly received a message from Facebook informing him that “he had not logged into his account for a while, despite not having tied the new number to his account”, the report said.

He then searched for the number on Facebook which brought up a single account.

Martindale then attempted to log into the account by using the number as the username and typing in a random password but failed because the password he entered was wrong.

He clicked on ‘Forgot Password’ option to recover his account but failed again.

Martindale searched for the account with the new number and found a list of account recovery options — comprising an email address and six phone numbers – for regaining access to the account.

“One of these options was for Facebook to text a password reset code to the very number Martindale had just tried to log in with,” the report said.

After selecting the option, he received the code and successfully logged into the ‘person’s’ account.

“Facebook then gave him the option to change the password, which would have locked the real user out of their account, or to skip that stage, which means he never would have known his account had been hacked,” the report pointed out.

Martindale performed the same trick with another new number and it resulted the same. However, when Martindale pointed out the flaw to Facebook, he was told it was just a “concern”.

Here is Facebook’s entire response, as cited by Martindale:

“There are situations where phone numbers expire and are made available to someone other than the original owner. For example, if a number has a new owner and they use it to log into Facebook, it could trigger a Facebook password reset. If that number is still associated with a user’s Facebook account, the person who now has that number could then take over the account.”

“While this is a concern, this isn’t considered a bug for the bug bounty program. Facebook doesn’t have control over telecom providers who reissue phone numbers or with users having a phone number linked to their Facebook account that is no longer registered to them.”

[“Source-gadgets.ndtv”]

Related Posts

How to Target Audiences Accurately Using Interest Targeting on Facebook

Why Social Media Users Should Never Lower Their Guard

About The Author

Loknath Das

Posts by Loknath Das

Subscribe to Blog via Email

Popular Posts

    Like Us !

    Like Us !
    Top Casino Games For Mobile
    Guide to Change M4A TO MP3 for playback
    TOP 5 PDF Converters
    Copyright © 2021 GlobalTechWorld
    Theme by MyThemeShop