Less than a week since Dropbox accounts were posted on text storage service Pastebin, Facebook is taking measures against password dumps on the Internet.
The company has announced a new method for securing user accounts, saying that it has come up with a system that automatically analyzes whether a person's details have shown up somewhere on the Internet.
Stealing data like account login credentials can have a ripple effect as people use the same credentials across different sites. Hackers, therefore, publish these login info on the web.
"Lots of household company names have experienced the unpleasant phenomenon of seeing account data for their sites show up in these public lists, and responding to these situations is time-consuming and challenging," Chris Long, a security engineer at Facebook, said in a blog post.
To deal with the security breaches, Facebook has put in place a system that automatically searches for public posts that contains people's user information. The social network's new security method works by monitoring a selection of different paste sites for stolen information.
Facebook cross-references the data with reports of large scale security breaches. The company then sets in motion a fully automated process that checks whether the email and passwords posted publicly matches the user logins on Facebook.
"In other words, no one here has your plain text password. To check for matches, we take the email address and password and run them through the same code that we use to check your password at login time. If we find a match, we'll notify you the next time you log in and guide you through a process to change your password," Long said.
This is not the first time that the system has been used. According to Long, Facebook used the same method in dealing with the Adobe hack last year. The security breach, which exposed the usernames and passwords of more than 100 million Adobe account owners, resulted in a data mining effort that compared login credentials between the two services. As a result of the hack, Facebook hid the profiles of people with the same usernames and passwords on Adobe and their own service.
