Flaw In Facebook Account Recovery | Facebook Account Hacking And Its Countermeasures



Facebook Account Recovery Security Flaw

Facebook is the biggest social networking site in the world. No one has ever been able to produce such a site. It is not just the best social networking site but also the 2nd ranked site in the Alexa ranking. That means it has the 2nd biggest traffic, after the world-famous search engine Google.

However, a site like Facebook also has flaws in it. Recently I discovered that the account recovery option can be used to hack accounts. It's even easier than phishing and is also legal, as you just recover an account; it is a different matter that you recover the account of someone else. :)

Process used to recover/hack a Facebook account in this way:

You need no software and no knowledge of anything. First of all, before anything else, create three fake accounts and get your victim to add them.

Now follow these steps:

  • Go to Facebook.com/recover.php
  • Enter the username of the account you want to hack. It would be written in the second bar.


  • Then proceed. Facebook will show you your victim's account and give you the first, middle and last letters of the account's ID. Just click the option "No longer have access to these", which is given under the ID of the account.

  • Then Facebook will ask you to enter a new email. Just enter an email of your own.
  • It will then take you to the last step, which is sending a recovery code to your trusted friends. As we have already added our three fake accounts, we can now send the recovery codes to our fake accounts.
  • Then go to each fake account, get the code, enter it, and get your victim's account in your hand.

Countermeasure (so that our readers may not fall prey to such attacks):

  1. First of all, do not let anyone add three fake accounts, even if the person is your best friend.
  2. Always keep a check on your friends, and keep checking which are fake and which are real.

OR


  1. Connect your Facebook profile with your phone number, and always keep a check on your phone number, as anyone can recover your account after getting physical access to your phone number.