How I bypassed a Facebook security measure

Social networking is the next marketing and communication tool everyone is looking at. Facebook is one major player in that consideration.

I have been digging more into sites like Facebook and I will publish a post very soon explaining the risks of Facebook. For the moment I would like to mention about a security flow that I discovered with Facebook.

First thing I did was creating a Facebook account for a friend of mine at office. The account was created from my personal internet connection trough a Sri Lankan IP.

Then I had to re login to this account from my office where Facebook is blocked. I went through a site which bypasses the proxy to gain access to Facebook. The IP was a different one and Facebook was intelligent enough to identify that the logged in location is suspicious using the IP.

So there was a “road-block” a security check point setup by Facebook to verify whether the real account owner is logging in, it requests for the birth day. Oops I forgot the birth day I have put to that account because I just put some date to create the account thinking that I will be able to change that later.

There was no way to enter the account, then what I did was requesting for a password reset and was able to gain access to the account as soon as the password was reset. Then after few requests to Facebook and there was this road-block again, but by that time I was able to get the birth day and pass that successfully. A potential hacker may also use this method to gain access to accounts which is one security flow Facebook has to fix as I see, but in my case which helped me to recover the Facebook account.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s