“Hey, Facebook, asking for a password from personal mail for verification or any other purposes is a HORRIBLE idea from the point of view of information security. You so entice passwords that you should not know! “
Facebook asked e-sushi for a password from the email to confirm the address.Despite the fact that the social network offered him the option “See how it works,” it turned out to be inactive, the expert wrote.
In a comment for Daily Beast, a Facebook spokesman admitted that requesting a password from an email was “not the best idea” for verifying mail. The social networks promised to remove this feature.
Also, Facebook noted that they did not save the passwords they had received and offered users other ways to confirm the address. They could be seen by clicking on the “Need Help?” Button in the lower left corner of the window.
The Daily Beast noted that it is impossible to estimate how many people were faced with a password request from the mail. Presumably, the social network requested confirmation only from those who use rare email clients.
The publication called the situation “more than suspicious” because of repeated cases when Facebook violated the privacy of users’ personal data. So, just two weeks ago, the social network admitted to storing “hundreds of millions” of user account passwords in an unencrypted form.