Open AccessStudy On Threats To Correct Password Errors Focused On Facebook Cases
Author(s) -
Won-chi Jung et.al
Publication year - 2021
Publication title -
türk bilgisayar ve matematik eğitimi dergisi
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.218
H-Index - 3
ISSN - 1309-4653
DOI - 10.17762/turcomat.v12i6.1967
Subject(s) - password , computer science , computer security , cognitive password , hacker , password strength , internet privacy , password policy , login , s/key , password cracking , personally identifiable information , hash function , encryption , one time password
Recently it has been discovered that login is possible even if there is a typo in ID or password on Facebook. Facebook explained, "For the convenience of users, we allow some level of error in ID or password." In addition, "Security issues such as hacking are safe because they are strictly limited in the scope of typos and identify password entry methods rather than simple typographical errors." In this paper, We want to confirm Facebook’s claim. We can analyze the type of typos of users and guess these effects. And We want to check the problem of the function that allows typos. Facebook is used by many people in many countries. That is also being serviced in Korea. Allowing typos means that Facebook save password in plain text. The Korean Privacy law enforces one-way encryption of passwords. When personal information is leaked, there is a lot of problem. Among them, the password has a large extent of damage. because many people use the same ID/password on various sites. The hacker who hacked into one site will attempt to steal information from other sites with the same ID and password. Therefore, the password should store the hash value.