Published Date : Oct 03, 2018
With the year’s biggest data breach, Facebook was largely criticized as it allowed hackers to take not only users account details but they can also access third party websites that user logged in through Facebook. Here the concern is to fix the issue that is actually out of hands of Facebook.
According to the recent research report from the University of Chicago, states that some of the most popular sites have not implemented basic security precaution that would have restricted the Facebook hack. If they would have taken more care with the implementation of Facebook’s Single Sign-On feature, as this feature helps in accessing different services and sites through one’s Facebook account rather than creating a different password for every site, with this, the impact of the hack could have been limited to the Facebook itself.
Instead, hackers could have possibly accessed everything from one’s private messages on Tinder to their passport information on Expedia, everything even without leaving a trace. Even more surprising: the person who has not used Facebook to log into a third party site is at a risk.
As per the paper published by computer scientist Jason Polakis and his colleagues analyzed what are the ways by which hackers could have exploited Facebook’s Single Sign-On tool. Besides Facebook, Google has its own version and various other so-called identity providers. But Facebook’s was most widely implemented, says Polakis. He also added by saying, by relying on thousands of smaller websites, one should rely on one that provides better security.