The Latest in IT Security

Change your Facebook Password!

11
May
2011

Facebook LogoFacebook confirmed a security problem with their old, proprietary authentication system: When using Facebook Apps like games or similar, the access token – something like a key to your Facebook account – could leak to some advertisers which were showing ads then. With this access token, it is possible to impersonate the user: Post in the users name, getting access to all information and so on. Facebook say that they now have taken counter measures so these leaks can’t occur anymore – but in the old logfiles of the advertisers, those access tokens can still be found.

As Facebook now support OAuth 2.0, the company advises App providers to switch to this open and mature authentication system – which Google, Yahoo, Twitter and so on support as well. Users should change their Facebook password, which invalidates the old access token and generates a new one. This way, advertisers can’t abuse the token anymore even if they start data mining their logfiles for access tokens now.

Dirk Knop
Technical Editor
techblog.avira.com

Leave a reply


Categories

SUNDAY, SEPTEMBER 24, 2017

Featured

Archives

Latest Comments

Social Networks