Despite all the assurances of Facebook in a serious attitude to data security and numerous scandals, the company continues to amaze with its dubious practices. Recently, the social network was caught in some cases when registering new users; it asks for an email password to confirm registration. Such actions threaten the privacy and safety of users, security experts believe.
The first to notice the problem was the Twitter user under the pseudonym of e-Sushi. According to the message, Facebook asked to provide passwords to third-party mail services for automatic verification of the email address. It should be noted that the request was displayed only in cases of using certain email providers, regarded by Facebook as suspicious.
I tested it myself (a) by registering 3 times from 3 different email addresses, 3 different IP addresses, and 2 different browsers. In two cases out of three, a request for a password from an email was displayed after clicking on the “Register an account” button on the registration page. By following this path, you practically get passwords that you shouldn’t know – e-Sushi
Facebook representatives confirmed the existence of such a verification process but stressed that the company does not store passwords on its server and intends to terminate this practice.
We understand that password verification is not the best way so we will not offer this option – Facebook
At the same time, Facebook indicated that, if desired, the user can choose another verification option.
Earlier, Facebook was accused of storing the passwords of hundreds of millions of social network users on its own server in an unencrypted form, and recently the founder of the social network Mark Zuckerberg published an open letter in which he proposed to develop global rules for regulating the Internet, including in the area of data privacy.