Connect with us

Facebook

Facebook really tried asking some users to hand over their email password

Who at Facebook seriously thought this was a good idea?

person scribbling on facebook logo on phone
Image: Unsplash

Just a heads up, if you buy something through our links, we may get a small share of the sale. It’s one of the ways we keep the lights on here. Click here for more.

Facebook, you know, the company notoriously known for bad security practices, was caught asking users to verify their identity by making them hand over their password to their email account. Yup, that’s right, a social media company asking you for the password of your email account. Totally normal, right?

In a revealing report published today by The Daily Beast, the company is being accused of asking new users to hand over the password of their email account as a way to verify their identity. The company said the only users who were asked this were folks who listed an e-mail address that didn’t use the secure OAuth protocol, which is basically a third-party system Facebook uses to identify a user.

Facebook users are being interrupted by an interstitial demanding they provide the password for the email account they gave to Facebook when signing up. “To continue using Facebook, you’ll need to confirm your email,” the message demands. “Since you signed up with [email address], you can do that automatically …”

In a statement provided to Axios, Facebook offered some reasoning as to why they started doing this:

“A very small group of people have the option of entering their email password to verify their account when they sign up for Facebook,” but noted that people could choose instead to confirm their account with a code or link sent to their phone or email.

Thankfully, Facebook is putting a stop to this. They later told The Daily Beast after their story published, “We understand the password verification option isn’t the best way to go about this, so we are going to stop offering it.”

Um yeah, no shit. Who in their right mind thought this was a good idea? And in an attempt to save face, the company said it never stored the passwords. But given their track record, that’s probably not the case. I can’t confirm it, but Facebook isn’t a company that’s known for always telling the truth.

Either way, if any social platform, especially Facebook, asks you to fork over any password – don’t do it. Seriously, don’t. Then again, there’s always bigger things to think about.

Have any thoughts on this? Let us know down below in the comments or carry the discussion over to our Twitter or Facebook.

Editors’ Recommendations:

Follow us on Flipboard, Google News, or Apple News

Kevin is KnowTechie's founder and executive editor. With over 15 years of blogging experience in the tech industry, Kevin has transformed what was once a passion project into a full-blown tech news publication. Shoot him an email at kevin@knowtechie.com or find him on Mastodon or Post.

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

More in Facebook