Hotmail was once one of the biggest email providers on the internet, but its popularity slowly started to dwindle once Yahoo and Google hit the scene. There are still a lot of people out there who use Hotmail. Anyone using it for their Facebook accounts have unknowingly had their security compromised for an unknown length of time through a password reset glitch that was just recently brought to Facebook’s attention.
One glitch is all it takes
Those who use Hotmail for their Facebook accounts should be extra cautious because a password reset glitch was recently discovered by a Turkish security researcher who goes by the name of Serkan Gencel. Apparently, Facebook passwords of Hotmail users could be changed by exploiting the password reset mechanism. Luckily, Gencel has been keeping mum on how exactly he does it, and he made sure to tell Facebook first before going public with this piece of news. Facebook quickly plugged the security loophole. The exact statement from Facebook went, “We were notified of this vulnerability by a Turkish security researcher via our white hat queue, and we worked quickly to resolve the problem.” So, if you’re a hotmail user and you’re still worried, don’t be. Facebook has likely gone berserk ensuring that the loophole was fixed, and fast. Still, it’s best to be doubly certain, so now might be a good time to think about changing passwords.
Earning Facebook’s Gratitude
Gencel earned Facebook’s gratitude for his actions and has been praised for bringing the loophole to Facebook’s attention rather than exploiting it himself. Facebook said Gencel was “demonstrating the value of responsible disclosure”. Indeed, if only all people could be like Gencel then we’d have little problems with online security. Then again, who knows how long this security loophole has been around; there might have been other people before Gencel who knew about this. There might already be victims who have had their passwords stolen. There’s really no way of telling. Furthermore, could there possibly be other glitches out there that have yet to be discovered? In this day and age, it’s hard to know which services you can trust. Even the most trustworthy service providers are not immune to glitches, hacks and exploits. Your best defense when it comes to this is to keep the data you post in the internet limited. Your Facebook page likely won’t be too interesting, but then again, it’s much better to be safe than sorry.