Millions of Facebook users were abruptly logged out of their accounts during the late afternoon hours of Friday, September 28, 2018.
No explanation, no warning.
When they logged back in, they saw the following screen at the top of their newsfeed.
 |
| Many Facebook users were greeted by this screen after being abruptly logged out of their accounts on Friday September 28, 2018 |
It seems that THREE DAYS ago, on September 25, 2018, Facebook was made aware of an attack on their system where attackers stole Facebook digital keys which would allow the same bad actors to take over other people's Facebook accounts.
Facebook says they "don't know" if anyone's Facebook information was accessed BUT they wanted to let users know what they were doing to protect your accounts.
That amounts to -- ABSOLUTELY NOTHING.
If continuing to monitor is all they are doing, every single affected Facebook user is in serious trouble.
Facebook feels that by logging people out more than 3 days later, that they prevented the attackers from using the tokens to access these accounts.
Geez, They've had them for three whole days already!
Two of our Webmasters, Cally Russell and John George, were two Facebook accounts that were logged out on Friday afternoon.
Now: Think about this.......
Facebook knew about this attack on SEPTEMBER 25th and didn't log anyone out until SEPTEMBER 28th - THREE FULL DAYS LATER.
How the hell is waiting that long considered protecting anyone?
Facebook knew about this attack on SEPTEMBER 25th and didn't log anyone out until SEPTEMBER 28th - THREE FULL DAYS LATER.
How the hell is waiting that long considered protecting anyone?
The advice they gave on this warning was that they do not feel anyone needs to change their passwords.
W - H - A - T????
The one thing Webmasters Cally Russell and John George and Maggie King tell ALL users to do whenever there is ANY suspicious activity is....
CHANGE YOUR PASSWORD.
For a social media site equipped with the knowledge and security that is attributed to Facebook's intelligence, for them to give that advice is beyond comprehension.
They are giving this no more importance than swatting an annoying fly on your computer monitor.
They are giving this no more importance than swatting an annoying fly on your computer monitor.
Your Passwords are your first line of defense in your online security.
While we are not experts by any great shakes, any advice we give you should be considered "armchair" advice meant to help you to be safe to exist in today's online world. As we learn, we teach.
We are sorry to say this but we feel that Facebook's expert advice doesn't measure up.
SO WE ARE GIVING YOU THIS ADVICE:
If you were logged out of your Facebook account on Friday September 28, 2018, we are telling you NOT to pay attention to that advice from Facebook.
We are sorry to say this but we feel that Facebook's expert advice doesn't measure up.
SO WE ARE GIVING YOU THIS ADVICE:
If you were logged out of your Facebook account on Friday September 28, 2018, we are telling you NOT to pay attention to that advice from Facebook.
IMMEDIATELY CHANGE YOUR PASSWORD
Use the String Along method.
Navigate to your screen to change your password.
If you have one in your head, get rid of it. Put your hands on the keyboard and randomly pick out letters, numbers, UPPER case, lower case, and symbols.
The best advice to make the best passwords is to make it long and make it strong. 10 to 16 characters is great!
If you can read a word in your password, you need to mix it up better.
Add in some symbols like $$$ and ### in between UPPER and lower case letters. It makes the password harder to guess and trips the password guesser apps.
Unfortunately it also makes it harder to remember. As much as good advice says NOT to write down passwords, when you use String Alongs, you need to write them down. They are too hard to remember and too easy to confuse.
If you use a sentence and take the first letter of each word, there are new password guessers that will crack it in a minute.
Do not use real words but rather random letters that make no real words and ... make no sense.
DO IT NOW.
Use the String Along method.
Navigate to your screen to change your password.
If you have one in your head, get rid of it. Put your hands on the keyboard and randomly pick out letters, numbers, UPPER case, lower case, and symbols.
The best advice to make the best passwords is to make it long and make it strong. 10 to 16 characters is great!
If you can read a word in your password, you need to mix it up better.
Add in some symbols like $$$ and ### in between UPPER and lower case letters. It makes the password harder to guess and trips the password guesser apps.
Unfortunately it also makes it harder to remember. As much as good advice says NOT to write down passwords, when you use String Alongs, you need to write them down. They are too hard to remember and too easy to confuse.
If you use a sentence and take the first letter of each word, there are new password guessers that will crack it in a minute.
Do not use real words but rather random letters that make no real words and ... make no sense.
DO IT NOW.
Referring to the text on the above screenshot, Facebook says
"If we find more people have been affected, we will immediately log them out and then let them know what happened."
Sorry Facebook. That's not good enough.
By the time the bigwigs at Facebook find out, many more Facebook accounts could be compromised while they are waiting to see if the "Access tokens" (Digital keys) that were stolen are put to use to access people's Facebook accounts.
By the time the bigwigs at Facebook find out, many more Facebook accounts could be compromised while they are waiting to see if the "Access tokens" (Digital keys) that were stolen are put to use to access people's Facebook accounts.
In our opinion, the handling of this incident goes beyond the pale. For a social media giant to be so lasse' faire about the security of its users and to go so far as to tell them there is no need to change their passwords is unconscionable.
Your Password is one of the few security measures any user has to be safe online.
CHANGE IT NOW.
CHANGE IT NOW.
**********************
To show you what the other two screens said:
 |
| The first screen (shown above) was followed by this second screen featuring "I can't log in" advice. |
**********************
 |
| The second screen was quickly followed by this third screen |
We have told you before and we will tell you again.
Facebook is not going to keep you safe and secure. You have to keep on top of your own security.
No comments:
Post a Comment