It’s time to change your passwords again.
Facebook announced Friday its security team had discovered a vulnerability affecting 50 million users. “We are taking it really seriously,” Facebook chief executive officer Mark Zuckerberg said in a statement.
“This allowed [the attackers] to steal Facebook access tokens which they could then use to take over people’s accounts,” Facebook said in a statement. “Access tokens are the equivalent of digital keys that keep people logged into Facebook so they don’t need to re-enter their password every time they use the app.”
What steps should I take right away?
Facebook claims you won’t need to change your password because of what has happened, but in our view better safe than sorry.
We certainly recommend changing your password – and not only at Facebook, but at Instagram, Twitter and other social media accounts as well.
Visit Facebook’s Help Center – click the circled question mark near the top of the screen to get there – near to change your password, implement two-factor authentication (Facebook will ask for a security code if it notices a log-in from an unusual device), or take other steps. Meanwhile, in the Security and Login settings, you’ll see a list of all the places that you log into with your Facebook account; Facebook lets you log out of those places with a single click.