Facebook provided more details on Friday how it attempts to protect the account information and passwords of its users whose private information unwittingly ends up on file-sharing websites that hackers typically frequent.
To keep itself informed of what stolen account information may be lurking on the web, the social network’s security team looks out for news on data breaches and then routinely scans so-called “paste” sites to see if any of the information on these sites belongs to Facebook users.
After gathering the stolen email and password combinations, the security team then funnels that info over to a program that can convert the data into a format that Facebook can understand. Because Facebook encrypts the passwords of its users in its own database using a hashing algorithm that turns user passwords into jumbled-up versions that only Facebook can recognize, the company needs do the same with the stolen credentials so…
View original post 171 more words