by JustAPixelDamnit

Please Disable Facebook Connect ASAP

Hello There o7

With the current wave of account hackings (mainly due to the fact that users don't have 2FA and/or have weak passwords), I figured I'd do some experimentation on the matter.

After some trial and error I was able to duplicate an SWGOH account within seconds to a secondary (newly created) email address.
Both email addresses are working at the same time as a login to said accounts and can cancel each other out (24h timeout popup issue).

There is NO security measure IN PLACE on your end to check the Facebook Connect, no request code or anything whatsoever.
I used a freshly created Facebook AND Googlemail account to duplicate the account from an existing email address to a new email account.

For the time being you should really disable Facebook Connect or implement a secondary auth system in between that requires some sort of confirmation.

Since this can be considered a tutorial on how to duplicate, I would appreciate it if you deleted this post AFTER you have pushed it up the chain and DEAL WITH IT.

Kind regards

