The Latest in IT Security

Change your Facebook Password!

11
May
2011

Facebook LogoFacebook confirmed a security problem with their old, proprietary authentication system: When using Facebook Apps like games or similar, the access token – something like a key to your Facebook account – could leak to some advertisers which were showing ads then. With this access token, it is possible to impersonate the user: Post in the users name, getting access to all information and so on. Facebook say that they now have taken counter measures so these leaks can’t occur anymore – but in the old logfiles of the advertisers, those access tokens can still be found.

As Facebook now support OAuth 2.0, the company advises App providers to switch to this open and mature authentication system – which Google, Yahoo, Twitter and so on support as well. Users should change their Facebook password, which invalidates the old access token and generates a new one. This way, advertisers can’t abuse the token anymore even if they start data mining their logfiles for access tokens now.

Dirk Knop
Technical Editor
techblog.avira.com

Leave a reply


Categories

THURSDAY, MARCH 28, 2024
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments