Study On Threats To Correct Password Errors Focused On Facebook Cases
Main Article Content
Abstract
Recently it has been discovered that login is possible even if there is a typo in ID or password on Facebook. Facebook explained, "For the convenience of users, we allow some level of error in ID or password." In addition, "Security issues such as hacking are safe because they are strictly limited in the scope of typos and identify password entry methods rather than simple typographical errors." In this paper, We want to confirm Facebook’s claim. We can analyze the type of typos of users and guess these effects. And We want to check the problem of the function that allows typos. Facebook is used by many people in many countries. That is also being serviced in Korea. Allowing typos means that Facebook save password in plain text. The Korean Privacy law enforces one-way encryption of passwords. When personal information is leaked, there is a lot of problem. Among them, the password has a large extent of damage. because many people use the same ID/password on various sites. The hacker who hacked into one site will attempt to steal information from other sites with the same ID and password. Therefore, the password should store the hash value.
Downloads
Metrics
Article Details
Licensing
TURCOMAT publishes articles under the Creative Commons Attribution 4.0 International License (CC BY 4.0). This licensing allows for any use of the work, provided the original author(s) and source are credited, thereby facilitating the free exchange and use of research for the advancement of knowledge.
Detailed Licensing Terms
Attribution (BY): Users must give appropriate credit, provide a link to the license, and indicate if changes were made. Users may do so in any reasonable manner, but not in any way that suggests the licensor endorses them or their use.
No Additional Restrictions: Users may not apply legal terms or technological measures that legally restrict others from doing anything the license permits.