Sep 5, 2012

6 lakh account logins get compromised every day on Facebook

New official statistics by the social networking giant revealed that 0.06 percent of the billion logins that they have each day are compromised. That's more than 600,000 per day - that is one in every 140 milliseconds. (By comparison, a blink of the eye takes 300-400 milliseconds).

The statistic was revealed in an infographic published alongside an official Facebook blog post trumpeting new security features introduced by the firm. The new security features include ‘Trusted Friends’ (called "Guardian angels" in the infographic).

Facebook says that "one will be able to nominate three to five "trusted" friends who can help you if you have a problem accessing your account - if, for instance, someone else has changed its password and locked you out of your e-mail account. The idea is that if you need to login to Facebook but can't access your email account, Facebook will send codes to your friends that they can pass on to you."
Graham Cluley, Senior Technology Consultant at Sophos said, "None of your friends on their own has enough information to access your account, as they are only sent a single code. But, of course, if your "trusted" friends turned out to be untrustworthy and banded together they would - between them - be able to access your account. So you best be sure that you keep a close eye on who your trusted friends are (especially if you're prone to falling out, or they think practical jokes are amusing), and be pretty confident that they are taking their own computer security seriously. Another thought occurs to me - if a bad guy has taken over your Facebook and e-mail account, isn't it likely that he will also change who your trusted friends are at the same time? Wouldn't that make the whole security measure kind of pointless?"
Another new announcement is ‘App passwords’ - meaning that one will no longer have to log into Facebook apps with the same credentials that he uses for his Facebook account. It's certainly a good idea not to use Facebook password with anybody other than Facebook.
"However, it's not hard to predict that the only people who might use such a feature might be those who are already very aware of privacy issues, rather than the great unwashed majority on Facebook," Cluley said.