Hacking a person’s Facebook account is really difficult, especially for newbies who simply want to sneak into their boyfriend’s or ex’s conversations with Facebook friends. This is because Facebook uses a hashing technique to store its users’ passwords. An end user usually thinks that passwords are stored exactly as entered, but this is not the case. Whatever password you enter while creating your account, Facebook computes a code from it by doing some sort of calculation and stores that code instead.
Suppose your password is “mountain123”. Facebook is not going to store these exact alphanumeric characters. Instead, a code that looks something like “$2$WEppdf/1ZyOLoc6ka” is stored in the database. Such codes are calculated programmatically and are never reverted back. This is known as a hashed password. So if you think that you have lost your password and Facebook is going to mail it to you, you are absolutely wrong, because this is not an encryption-decryption method. How, then, does Facebook know whether the password you enter is correct or wrong? Suppose you typed “icecream999” instead of “mountain123”: using the same calculation, the hashed password would be something different, say “$r#7FaQO87ghxx8xLlI”, and not “$2$WEppdf/1ZyOLoc6ka”. Clearly these don’t match at all, and hence the warning sign will come. You will be able to log in only if you enter “mountain123”.
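The store-then-compare flow described above, as an added Python example that is not Facebook's code: the choice of salted PBKDF2-HMAC-SHA256 and the iteration count are assumptions made for illustration, and the passwords are the sample ones from the text.

```python
import hashlib
import hmac
import os
from typing import Optional, Tuple

# Assumed parameters for this illustration (not Facebook's real scheme).
ITERATIONS = 600_000
SALT_LEN = 16


def hash_password(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Return (salt, digest). A fresh random salt is generated at signup."""
    if salt is None:
        salt = os.urandom(SALT_LEN)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                 salt, ITERATIONS)
    return salt, digest


def verify_password(candidate: str, salt: bytes, stored: bytes) -> bool:
    """Re-run the same calculation on the login attempt and compare digests."""
    _, digest = hash_password(candidate, salt)
    # Constant-time comparison avoids leaking how many bytes matched.
    return hmac.compare_digest(digest, stored)


def signup_and_login_demo() -> dict:
    # Constructed sample data: the two passwords used in the text above.
    salt, stored = hash_password("mountain123")
    _, stored_again = hash_password("mountain123")  # second signup, new salt
    return {
        "correct": verify_password("mountain123", salt, stored),
        "wrong": verify_password("icecream999", salt, stored),
        # Same password, different salt: the stored values do not match,
        # so identical passwords are not visible in the database.
        "salts_hide_reuse": stored != stored_again,
        # The database row holds only salt and digest, never the password.
        "row": {"salt": salt.hex(), "hash": stored.hex()},
    }


if __name__ == "__main__":
    result = signup_and_login_demo()
    print(result["correct"], result["wrong"], result["salts_hide_reuse"])
```

Because only the salt and digest are stored, a "forgot password" flow can only set a new password; there is nothing from which the old one could be mailed back.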
Now the question arises: how is a Facebook account hacked? Many people would claim this is not possible, but a minor blunder may still cost you for life! The two most common methods used by hackers are keystroke logging and phishing.
Keystroke logging is the practice of recording every key that is pressed. The hackers somehow manage to reach the target’s personal computer and install the keystroke software. Whenever the person types anything into any website, every key hit is monitored. The victim never notices this and so makes his data available to his offenders.
Phishing is the method of creating a fake login page that resembles the actual one and is connected to the offender’s own server. Whenever a user enters his details there, everything is saved on the remote server and can be used against the targeted victim at any time. Phishing cannot be accomplished by just any random person; it needs thorough programming skills.
Another method most hackers follow is sending an SMS or calling, creating a fake scenario of some kind of urgency, and asking directly for personal information, including the password. Reading this, anyone would wonder how someone could directly give away his or her own password, but the situation makes them do so.
There is always a “Forgot password?” option, which previously could be used to reset a password by clicking on the link sent to the email address you had just entered, but over time security measures have been tightened in order to prevent any random person from resetting your password. Therefore, unless the software confirms that it is really you, it won’t allow you to change someone else’s password.
Do not rely on software that claims to detect passwords just by typing in usernames. These don’t work at all. Hacking others’ passwords is not as easy as A, B, C.
Methods to secure your own password
1. Use a firewall – The firewall will fence your system against many types of offenders, including keystroke logging software. It will never allow it to get installed and will definitely warn you if similar acts are attempted. So, you will be able to protect your computer against anything. This is all up to you, since the responsibility for safeguarding a personal computer lies with its owner and no one else.
2. Rely on the genuine website – A fake login webpage will look exactly like the real one, but there will still be a notable difference, such as the URL, which won’t be www.facebook.com but something else. Therefore, always pay attention whenever you enter your username and password.
3. Change your password every month – This is the most genuine advice of all. Changing passwords frequently always protects against getting hacked, since most people tend to share their passwords with close friends or relatives, which might affect their own security.
4. Do not use the same password that you use for other sites – If someone comes to know the password that you use for other sites, chances are your Facebook account will get hacked in no time, since hackers are well aware that people get lazy when it comes to remembering a different password for each site.
5. Do not allow any random application to run – While using Facebook, you will find many advertisements for applications such as quizzes or games that might ask you to enter your user ID and password. Do not rely on such apps, since they could steal all of your valuable details in no time.
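The URL check from item 2, written out as an added Python example (not from the original article): it compares the parsed hostname instead of searching the address for the text "facebook.com". The sample URLs are constructed, and treating every subdomain of facebook.com as genuine is an assumption of the example.

```python
from urllib.parse import urlsplit

# Assumption for this example: facebook.com and its subdomains are genuine.
GENUINE_DOMAIN = "facebook.com"


def is_genuine_login_url(url: str, domain: str = GENUINE_DOMAIN) -> bool:
    """True only for an https URL whose host is the domain or a subdomain."""
    try:
        parts = urlsplit(url.strip())
        host = parts.hostname
    except ValueError:
        return False  # malformed address: treat as not genuine
    if parts.scheme != "https" or not host:
        return False
    host = host.rstrip(".").lower()
    # Exact match or a true subdomain; a bare substring test would accept
    # every look-alike in SAMPLES below.
    return host == domain or host.endswith("." + domain)


# Constructed sample addresses (the .example hosts are placeholders).
SAMPLES = [
    "https://www.facebook.com/login.php",
    "http://www.facebook.com/login.php",                      # not https
    "https://www.facebook.com.account-verify.example/login",  # real host: .example
    "https://www.facebook.com@login.example/",                # text before @ is not the host
]


def classify_samples() -> dict:
    return {url: is_genuine_login_url(url) for url in SAMPLES}


if __name__ == "__main__":
    for url, ok in classify_samples().items():
        print("genuine " if ok else "LOOKALIKE", url)
```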
A UK-based researcher named Jack Whitten earned $20,000 for finding a way to hack any Facebook account. All he did was send a text message from a mobile phone. He typed the letter “F” and sent it to 32665, which is the code number for Facebook in the UK. As expected, he received the confirmation message “Facebook mobile confirmation code: 69rykqgj”, containing an 8-digit confirmation code.
Normally that confirmation code would be entered into the Facebook form and submitted by clicking the button, but at this point he discovered that every user is given a unique profile ID and that the code could be used against anyone’s existing account through a small change in the lines of code. He changed the value of profile_id to someone else’s, misleading Facebook so that, according to the changed code, his own mobile number was linked to the targeted profile. The target’s unique profile ID had to be known for this; without it, the further steps couldn’t be done. With his mobile number confirmed in this way, he could reset anybody’s password at any time. Instead of using this against someone, he reported it and therefore received the money.
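The flaw described above is a missing server-side authorization check: the confirmation step trusted a profile_id supplied by the client. The added Python sketch below (not Facebook's code; the handler names, the `Store` class, the profile IDs and the phone number are hypothetical, constructed values) puts a handler with that flaw beside a corrected one.

```python
from dataclasses import dataclass, field


@dataclass
class Store:
    """Hypothetical in-memory stand-in for the server's database."""
    pending_codes: dict = field(default_factory=dict)  # code -> phone number
    linked_phone: dict = field(default_factory=dict)   # profile_id -> phone


def confirm_flawed(store, session_profile_id, form):
    """Flawed: links the phone to whatever profile_id the form carries."""
    phone = store.pending_codes.pop(form["code"], None)
    if phone is None:
        return False
    store.linked_phone[form["profile_id"]] = phone  # client-controlled value
    return True


def confirm_hardened(store, session_profile_id, form):
    """Fixed: the account being changed comes from the logged-in session."""
    claimed = form.get("profile_id", session_profile_id)
    if str(claimed) != str(session_profile_id):
        # Mismatch: refuse without consuming the code; worth logging,
        # since a legitimate client never sends another user's ID.
        return False
    phone = store.pending_codes.pop(form["code"], None)
    if phone is None:
        return False
    store.linked_phone[session_profile_id] = phone
    return True


def run_demo(handler, form_profile_id="2002"):
    # Constructed data: profile 1001 is logged in and owns the pending code
    # from the text; 2002 is somebody else's profile.
    store = Store(pending_codes={"69rykqgj": "+44 7700 900123"})
    form = {"code": "69rykqgj", "profile_id": form_profile_id}
    accepted = handler(store, "1001", form)
    return accepted, store.linked_phone


if __name__ == "__main__":
    print("flawed:  ", run_demo(confirm_flawed))
    print("hardened:", run_demo(confirm_hardened))
```

With the hardened handler, a form naming another profile is rejected and the phone number is linked only when the form's ID matches the session's own.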