Saved in:
Bibliographic Details
Main Author: Rivasseau, Thomas
Format: Preprint
Published: 2025
Subjects:
Online Access:https://arxiv.org/abs/2510.12665
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866912647013728256
author Rivasseau, Thomas
author_facet Rivasseau, Thomas
contents Modern web and digital application password storage relies on password hashing for storage and security. Ad-hoc upgrade of password storage to keep up with hash algorithm norms may be used to save costs but can introduce unforeseen vulnerabilities. This is the case in the password storage scheme used by Meta Platforms which services several billion monthly users worldwide. In this paper we present the first example of an exploit which demonstrates the security weakness of Facebook's password storage scheme, and discuss its implications. Proper ethical disclosure guidelines and vendor notification were followed.
format Preprint
id arxiv_https___arxiv_org_abs_2510_12665
institution arXiv
publishDate 2025
record_format arxiv
spellingShingle Hash chaining degrades security at Facebook
Rivasseau, Thomas
Cryptography and Security
Modern web and digital application password storage relies on password hashing for storage and security. Ad-hoc upgrade of password storage to keep up with hash algorithm norms may be used to save costs but can introduce unforeseen vulnerabilities. This is the case in the password storage scheme used by Meta Platforms which services several billion monthly users worldwide. In this paper we present the first example of an exploit which demonstrates the security weakness of Facebook's password storage scheme, and discuss its implications. Proper ethical disclosure guidelines and vendor notification were followed.
title Hash chaining degrades security at Facebook
topic Cryptography and Security
url https://arxiv.org/abs/2510.12665