Slashdot Mirror

← Back to Stories (view on slashdot.org)

Facebook Master Password Was "Chuck Norris"

Posted by samzenpus on from the ad-nauseum-roundhouse dept.

I Don't Believe in Imaginary Property writes "A Facebook employee has given a tell-all interview with some very interesting things about Facebook's internals. Especially interesting are all the things relating to Facebook privacy. Basically, you don't have any. Nearly everything you've ever done on the site is recorded into a database. While they fire employees for snooping, more than a few have done it. There's an internal system to let them log into anyone's profile, though they have to be able to defend their reason for doing so. And they used to have a master password that could log into any Facebook profile: 'Chuck Norris.' Bruce Schneier might be jealous of that one."

4 of 319 comments (clear)

  1. Re:There's funny... by carvell · · Score: 5, Informative

    The default password only worked from the Facebook office on the Facebook ISP.

  2. Re:There's funny... by Rary · · Score: 5, Informative

    There's funny, and then there's irresponsible. Having "Chuck Norris" as a master password that grants access to any account is most definitely the latter. I would expect that from a couple of teenagers running their first web server, not one of the most popular websites on the Internet.

    Despite what the summary and title say, the password was not "Chuck Norris". The password was a combination of uppercase letters, lowercase letters, numbers, and symbols that essentially spelled "Chuck Norris". In other words, probably something like "(hu(|<N0rr15". Also, it only worked from within the Facebook office, and was only known to certain individuals. It's not like you or I could have used the password from home to enter anyone's account.

    There is a time and a place for silly HTML comments or in-joke variable names, but a master password for a site with hundreds of millions of users is not one of them.

    It's pretty normal for support personnel to have access to production systems in order to provide support.

    --

    "You cannot simultaneously prevent and prepare for war." -- Albert Einstein

  3. Re:There's funny... by Ma8thew · · Score: 4, Informative

    RTFA. Firstly, it wasn't just "Chuck Norris", the interviewee didn't reveal the actual password, but suggested it included numbers and symbols. And secondly, it only worked within Facebook's internal network.

  4. Re:There's funny... by Rary · · Score: 5, Informative

    Inquiry, how do you know this? You from facebook?

    No, I used a novel new approach to acquiring information — I read the article.

    --

    "You cannot simultaneously prevent and prepare for war." -- Albert Einstein