Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Sign-In Integrations

Discussion in 'Security' started by rpvw, Sep 29, 2018.

  1. rpvw

    rpvw Well-Known Member

    Joined:
    Jul 18, 2013
    Messages:
    1,088
    Likes Received:
    442
    Trophy Points:
    113
    Location:
    Spain
    cPanel Access Level:
    Root Administrator
    caveat venditor

    It was revealed that Facebook has had as many as 90 million account profiles exposed due to a code error that was introduced in July 2017.

    Apart from exposing private profiles, this error allowed account access tokens to be stolen, potentially allowing miscreants to use them to log into any other account or service that was connected to a Facebook account.

    Any server operator who has allowed their users an ability to log into any account using a connected Facebook account may want to re-appraise their policy.

    Facebook reports that all the security holes surrounding this exploit have now been patched, and that in theory, all access tokens already in use should have now been annulled or expired.

    Further information can be obtained from Security Update | Facebook Newsroom
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. cPanelMichael

    cPanelMichael Technical Support Community Manager Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    47,503
    Likes Received:
    2,179
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hi @rpvw,

    Thanks for sharing!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. Anupam SG

    Anupam SG Active Member

    Joined:
    Aug 29, 2018
    Messages:
    38
    Likes Received:
    15
    Trophy Points:
    8
    Location:
    Earth
    cPanel Access Level:
    Root Administrator
    IMHO, the sign-in integrations should not even exist for cPanel. It just adds an additional point of failure in server security. I was unpleasantly surprised when I saw this feature introduced in the WHM release. Ease of access =/= robust security.
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice