Today, Facebook revealed that 200–600 million user passwords had been stored in a plain text file on an internal server. This left the affected users vulnerable and searchable by more than 20,000 employees – with around 2000 taking advantage of this. However, Facebook did state that no passwords were shared or leaked externally.
Any affected users will be directly notified, and Facebook is not advising anyone to change their password. But, given the number of employees who accessed those passwords, we’d urge you to err on the side of caution and change yours just in case.
Instances like this, where passwords are stored and accessible in plain text, are a good example why you should use a unique password for each site. Having a unique password means that the bad practices of one company don’t lead to your account being compromised on other sites where you use the same password.
To keep your passwords truly secure, change them any time you suspect they’ve been compromised. We know it can be time-consuming to keep track of every website you visit and any security issues they might have, but that’s where Watchtower steps up. Watchtower integrates with Pwned Passwords, a service that allows you to check if your passwords have been leaked on the Internet. 1Password will stay on top of things and alert you to compromised logins and breaches so you know when to change your password.
Keep your accounts and passwords secure by signing up for 1Password Families.