Facebook's one-time password system has security risks- Sophos
IT security and control firm Sophos, stated that Facebook has announced a new feature recently that claims to give users an additional method to keep their social networking account secure. The social networking site claims that its new one-time password feature will make it safer to use Facebook on computers in public places. This feature will enable users to request and receive a temporary password by SMS message which expires after 20 minutes.
However, Graham Cluley, Sr. technology consultant at Sophos warns that this feature could in fact result in further security concerns for users. “If you believe a computer might not be secure in the first place, why would you use it to access personal accounts such as Facebook? A temporary password may stop keylogging spyware, giving cybercriminals a permanent backdoor into your account, but it doesn’t stop malware from spying on your activities online, and seeing what’s happening on your screen,” said Cluley.
He further remarked that, one can gain access to the users’ phone and send a text message, thus gaining the access (users’) Facebook account and the password.
Cluley advised that one should avoid visiting websites like Facebook from computers that may not be running adequate anti-virus software or security patches.
“If you don’t trust the PC, don’t use it to access Facebook - even if you do have a temporary password.Instead, wait until you have access to a trusted PC, rather than risking sharing your personal information with unknown others. There’s a real danger that the one-time-password system will be viewed as a green light by Facebook users to access their accounts from unsafe PCs,” suggested Cluley.
- Suspicious Transactions Up Due To Surge In Digital Payments
- Microsoft, Accenture Team Up To Help Start-Ups
- Weekly Rewind: Top 10 Stories On CXOToday (Jan 8-13)
- Top 5 SMB Tech Trends To Rule In 2018
- What Aadhar Data Breach Means To Digital India And Its Citizens
- Top IT Security Predictions of 2018
- GDPR Key Challenge For Enterprises in 2018
- AI To Play A Decisive Role In Cyber Security
- Are We Waiting For A Bigger Cyber Attack To Strike In 2018?
- Weekly Rewind: Top 10 Stories On CXOToday [Jan 2-6]