View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
November 10, 2016

Facebook buys black market passwords for user account safety

The company’s chief security officer says there is a difference between security and safety.

By CBR Staff Writer

Facebook is buying passwords that hackers sell on the black market in order to keep user accounts safe.

The social networking giant will cross-reference the purchased black market passwords with encrypted passwords used on the site.

Speaking at the Web Summit 2016 technology conference in Lisbon, Portugal, Facebook chief security officer Alex Stamos said that more than 1.3 billion people use Facebook every day, and keeping them safe is a huge task.

Stamos said there is a difference between security and safety. While security focuses on building attack-proof software with less or zero vulnerabilities for attackers to exploit, safety is larger than that.

The security chief was quoted by CNET as saying, “The reuse of passwords is the No. 1 cause of harm on the internet.”password

Stamos said Facebook is implementing a safety-orientated building culture in order to avoid vulnerabilities and bugs from being exploited.

The executive said the username and password system, which was first introduced in the 1970’s, was not built for 2016.

Content from our partners
Green for go: Transforming trade in the UK
Manufacturers are switching to personalised customer experience amid fierce competition
How many ends in end-to-end service orchestration?

The company is using Social Graph algorithms with a small subset of users’ data in order to identify when a login attempt could be fraudulent.

Facebook is of the opinion that an attacker may also compromise the usual password link sent to an email account.

The company plans to use social connections to verify the users’ identity who lose their password and access to their Facebook account prior to unlockin it.

Facebook will get in touch with some of users’ closest connections instead of email to offer data used for verification processes.

Topics in this article : ,
Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.