Modern web and digital applications rely on password hashing to store credentials securely. Upgrading a password store ad hoc, to keep pace with changing hash-algorithm norms, can save cost but can also introduce unforeseen vulnerabilities. This is the case for the password storage scheme used by Meta Platforms, which serves several billion monthly users worldwide. In this paper we present the first example of an exploit that demonstrates the security weakness of Facebook's password storage scheme, and we discuss its implications. Responsible disclosure guidelines were followed and the vendor was notified.