Do-Not-Open-Attachments-from-Facebook-Login
Recently I got a suspicious looking email that had an zip/archive attachment. The from address read “Facebook-Manager” to make it look legit. My email client downloaded this email and the attachment was immediately removed by my Anti-Virus. Here are some KEY points:
* Facebook does not update your password for any reason.
* Except you nobody knows your password (unless you tell them), and not even facebook has the actual password that you will be typing in. Wondering how? Because, all passwords are digest-encrypted and stored in their database. “What the hell does digest-encrypted mean??” - Let’s say your password is the most unguessable “password” ( LOL ). Facebook stores it as “5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8”. This is SHA1 encrypted (it is not named after me). So, anyways, the point is, it is a ONE-WAY-encryption! It is impossible even for a computer to deduce how that 5b-blah-blah was arrived at.
* Facebook verifies if your password is correct only at the time of login and only when the digest-encryption of the password you enter at login matches the digest-encryption in the database. So your password is never seen in plain-text and it is impossible for a human to that’s already encrypted.
So, the only way to know your password is by getting it from you making you type or say in places other than FaceBook.com. Do you disagree?
Recent Comments