Subscribe for premier reporting on free speech, privacy, Big Tech, media gatekeepers, and individual liberty online.

Facebook wants the password to your email account

If you’re tired of censorship and surveillance, subscribe to Reclaim The Net.

When it comes to user privacy and data safety, it’s almost impossible to expect good news from Facebook. The social media behemoth has been caught happy to collect, sell, use and abuse that data, and also operate its vast kingdom with shocking disregard for security.

But this did not deter CEO Mark Zuckerberg from announcing a new focus on none other than privacy, in a long-winded statement made less than a month ago, that now seems almost forgotten.

More recently, Facebook had another announcement to make: that it had been storing up to 600 million passwords its users need to access the service in plain text, putting these files within easy reach of over 20,000 Facebook employees – and that this had been going on since 2012.

With this newly established reputation for being terrible with password security, Facebook would now like its users to hand over – some more passwords. This time, the passwords to the email account that they used to create their Facebook account. Why? That remains unclear.

The Daily Beast says the social platform has been pestering users with a message reading, “To continue using Facebook, you’ll need to confirm your email (…)” and then asking for their email password in a separate box underneath.

The publication picked up the story from a tweet posted by “e-sushi” and said that it was able to test and confirm this happening. Whether or not users are asked to surrender their email passwords to Facebook hinges on whether they used email to sign up.

source: @originalesushi

But the puzzling demand, that got one security researcher, Jake Williams, to describe it as “beyond sketchy” – seems to be on its way out, the Daily Beast is reporting, citing an emailed response it received from Facebook.

The “good” news here is that Facebook promised not to store the email passwords collected in this way; and users also had the ability to opt out of this process and log in by using codes or links sent to phones or emails – but the trick was to find the option, as it was stashed away under the “Need help?” link “in one corner of the page.”

If you’re tired of censorship and surveillance, subscribe to Reclaim The Net.

Read more

Join the pushback against online censorship, cancel culture, and surveillance.

Already a member? Login.