Home / Software & Gaming / Security / Facebook is actively searching the dark web for stolen passwords

Facebook is actively searching the dark web for stolen passwords

Facebook has come to the realization that securing a server just isn't enough to keep passwords out of the hands of cyber criminals anymore, which is why the company is approaching security a little differently. Facebook has announced that for the past few months, they've been searching anonymous posting sites like Pastebin and the dark web for leaked passwords and pro-actively trying to login to accounts to check if the password is legitimate.

As we saw earlier this week with Dropbox, or last month with iCloud, just securing a server isn't enough to keep passwords out of the hands of cyber criminals. Plenty of site users can fall victim to phishing scams amongst other methods of obtaining passwords.

c8ddFacebook-app-for-Android-600x293

If Facebook can confirm that a working password is up for grabs on the net, then the user will be notified and their password will be automatically reset. The obvious hope here is that if a password makes its way on to the dark web, Facebook will find it before more criminals do.

The core of the problem is password recycling as if you use the same password across many sites, a hacker only needs to find your password once to have access to many accounts.

You can read more about Facebook's new Password protection measurements, HERE.

Discuss on our Facebook page, HERE.

KitGuru Says: It's not necessarily Facebook's fault if someone manages to steal your password outside of the company's own database, so  it's good to see that the social network's security team is taking a pro-active approach to keeping accounts safe from cyber criminals. 

Become a Patron!

Check Also

Nvidia driver update fixes crucial security vulnerabilities

Nvidia GeForce, RTX, Quadro, NVS and Tesla GPU users will want to update their drivers soon. Nvidia has pushed out a hotfix with a number of critical security fixes that if left unfixed, could allow for unauthorised access to systems.