So what are those other two passwords, apart from the one you know?
- Your actual Facebook password with case reversed.
- Your actual Facebook password with first letter capitalized, this is only available for mobile devices, though.
For example, if your password is “fAcEbOoK’, then “FaCeBoOk” (case reversed) serves as an alternative password.
This also means that if your password is completely in lower case, then you can login to your Facebook account even with Caps Lock on.
If you’re logging into Facebook from a mobile, then if the first letter gets capitalized by mistake, still you can login with no problem.
This is not a bug in Facebook, they intentionally designed in this way. This is not even a security loophole as it’s the same password, what has changed is just the capitalization, so it will take the same number of brute force attacks to crack it.