Your Facebook Password is Not Completely Case Sensitive!

Facebook-passwordFacebook passwords are not ‘completely’ case sensitive. You actually have 3 passwords for your Facebook account, including the normal password with which you login.

So what are those other two passwords, apart from the one you know?

  1. Your actual Facebook password with case reversed.
  2. Your actual Facebook password with first letter capitalized, this is only available for mobile devices, though.

For example, if your password is “fAcEbOoK’, then “FaCeBoOk” (case reversed) serves as an alternative password.

This also means that if your password is completely in lower case, then you can login to your Facebook account even with Caps Lock on.

If you’re logging into Facebook from a mobile, then if the first letter gets capitalized by mistake, still you can login with no problem.

This is not a bug in Facebook, they intentionally designed in this way. This is not even a security loophole as it’s the same password, what has changed is just the capitalization, so it will take the same number of brute force attacks to crack it.

Source: ZDNet


Techno September 16, 2011

I see lots of facebook posts now.

Techno September 16, 2011

so it will take the same number of brute force attacks to crack it.

That’s incorrect.

Vibin September 16, 2011

I mean, they will be nearly same, because capitalization is the only thing that’s changing. This again depends on the password, if the reverse cased password has equal combination of upper and lower case letters, then the reverse case password may take more time to crack. On an average we can say that, reversing the case doesn’t effect the security.

SportsNub September 16, 2011

Well, that’s something I’ve never knew about. Thanks for sharing it.

Mobdee September 16, 2011

Wow cool! Nice discovery!

jitendra September 17, 2011

I tried the 1st one but it is not working…

jitendra September 17, 2011

my mistake…typed in wrong password. Its working. Thanks for sharing.