Facebook Stored Millions of Passwords in Plain Text. Here's How to Change Yours

iStock.com/courtneyk
iStock.com/courtneyk

If you're concerned about online security, you may have already reconsidered your relationship with Facebook. The social networking giant has earned a reputation for mishandling users' data and leaving them vulnerable to hacking. Now there's a new reason to reassess your profile: As KrebsOnSecurity reports, Facebook has been storing passwords in plain text since 2012, meaning they were easily readable and searchable for years for those with access to Facebook's internal workings. Any users should change their passwords as soon as possible.

Over the last seven years, between 200 million and 600 million users had their passwords made vulnerable by the security flaw. The passwords were saved in Facebook's internal password management system in plain text that required no decoding to read. According to Facebook, "hundreds of millions of Facebook Lite [its app for low-power-usage devices] users, tens of millions additional Facebook users, and tens of thousands of Instagram users" were affected.

Tech companies normally encrypt the user passwords they store in their databases. Without encryption, anyone who has access to those files can read that sensitive information without facing any barriers. Facebook's security issue left passwords open to up to 20,000 company employees, and according to KrebsOnSecurity, "access logs showed some 2000 engineers or developers made approximately 9 million internal queries for data elements that contained plain-text user passwords."

Facebook claims to have fixed the problem and plans to reach out to every user who was affected. Because there's no sign that the passwords were leaked or mishandled, the company won't require users to change their passwords. But given Facebook's reputation for security, all users should probably change their passwords as a precaution.

To change your Facebook password, go to Settings and then Security and Login. Go to the Change Password option under Login and select Edit. From there, you'll be able to set a new password after entering your current one. Here are some tips for developing a strong password.

[h/t KrebsOnSecurity]

Looking to Downsize? You Can Buy a 5-Room DIY Cabin on Amazon for Less Than $33,000

Five rooms of one's own.
Five rooms of one's own.
Allwood/Amazon

If you’ve already mastered DIY houses for birds and dogs, maybe it’s time you built one for yourself.

As Simplemost reports, there are a number of house kits that you can order on Amazon, and the Allwood Avalon Cabin Kit is one of the quaintest—and, at $32,990, most affordable—options. The 540-square-foot structure has enough space for a kitchen, a bathroom, a bedroom, and a sitting room—and there’s an additional 218-square-foot loft with the potential to be the coziest reading nook of all time.

You can opt for three larger rooms if you're willing to skip the kitchen and bathroom.Allwood/Amazon

The construction process might not be a great idea for someone who’s never picked up a hammer, but you don’t need an architectural degree to tackle it. Step-by-step instructions and all materials are included, so it’s a little like a high-level IKEA project. According to the Amazon listing, it takes two adults about a week to complete. Since the Nordic wood walls are reinforced with steel rods, the house can withstand winds up to 120 mph, and you can pay an extra $1000 to upgrade from double-glass windows and doors to triple-glass for added fortification.

Sadly, the cool ceiling lamp is not included.Allwood/Amazon

Though everything you need for the shell of the house comes in the kit, you will need to purchase whatever goes inside it: toilet, shower, sink, stove, insulation, and all other furnishings. You can also customize the blueprint to fit your own plans for the space; maybe, for example, you’re going to use the house as a small event venue, and you’d rather have two or three large, airy rooms and no kitchen or bedroom.

Intrigued? Find out more here.

[h/t Simplemost]

This article contains affiliate links to products selected by our editors. Mental Floss may receive a commission for purchases made through these links.

More Than 38,000 Pounds of Ground Beef Has Been Recalled

Beef-ware.
Beef-ware.
Angele J, Pexels

Your lettuce-based summer salads are safe for the moment, but there are other products you should be careful about using these days: Certain brands of hand sanitizer, for example, have been recalled for containing methanol. And as Real Simple reports, the U.S. Department of Agriculture’s Food Safety Inspection Service (FSIS) recently recalled 38,406 pounds of ground beef.

When JBS Food Canada ULC shipped the beef over the border from its plant in Alberta, Canada, it somehow skirted the import reinspection process, so FSIS never verified that it met U.S. food safety standards. In other words, we don’t know if there’s anything wrong with it—and no reports of illness have been tied to it so far—but eating unapproved beef is simply not worth the risk.

The beef entered the country on July 13 as raw, frozen, boneless head meat products, and Balter Meat Company processed it into 80-pound boxes of ground beef. It was sent to holding locations in Florida, Georgia, North Carolina, and South Carolina before heading to retailers that may not be specific to those four states. According to a press release, FSIS will post the list of retailers on its website after it confirms them.

In the meantime, it’s up to consumers to toss any ground beef with labels that match those here [PDF]. Keep an eye out for lot codes 2020A and 2030A, establishment number 11126, and use-or-freeze-by dates August 9 and August 10.

[h/t Real Simple]