Your Facebook Password is Not Completely Case Sensitive!

Facebook-passwordFacebook passwords are not ‘completely’ case sensitive. You actually have 3 passwords for your Facebook account, including the normal password with which you login.

So what are those other two passwords, apart from the one you know?

  1. Your actual Facebook password with case reversed.
  2. Your actual Facebook password with first letter capitalized, this is only available for mobile devices, though.

For example, if your password is “fAcEbOoK’, then “FaCeBoOk” (case reversed) serves as an alternative password.


This also means that if your password is completely in lower case, then you can login to your Facebook account even with Caps Lock on.

If you’re logging into Facebook from a mobile, then if the first letter gets capitalized by mistake, still you can login with no problem.

This is not a bug in Facebook, they intentionally designed in this way. This is not even a security loophole as it’s the same password, what has changed is just the capitalization, so it will take the same number of brute force attacks to crack it.

Source: ZDNet

Published by Vibin

Mac, blogging, Android, UI/web design, programming, coffee, engineering. In descending order. Reach me at [email protected]

8 replies on “Your Facebook Password is Not Completely Case Sensitive!”

    1. I mean, they will be nearly same, because capitalization is the only thing that’s changing. This again depends on the password, if the reverse cased password has equal combination of upper and lower case letters, then the reverse case password may take more time to crack. On an average we can say that, reversing the case doesn’t effect the security.

Comments are closed.