Click the Facebook link at the top of your profile, and then scroll down to your security questions and answers. You’ll see your settings there. Click the Log In button to get back to Facebook.
You should never be able to log in to your account from a computer that you’ve never used before, nor should you be able to without getting a security code from Facebook. If you’re asked to verify a security code, you should contact Facebook immediately.
Go to your account settings then scroll to the bottom and click on security questions & answers. Scroll through a few pages and fill in the settings, including questions such as your mom’s maiden name, your major in college, the name of your first (or first few) pets, and a list of your addresses from grade school to present. Click Save Changes, and then click Log Out to get back to Facebook.
“In order to send his email address to the attacker, the user has to move inside his application’s folder, and he has to click on ‘get file’ to download the file from the user’s documents folder of his machine,” Sammouda said. “Before you can download, most likely the user will have to send his email address to you in exchange for the file. And at that point, the user will be crawled by us,” he added.
The researcher published a video showing the situation. “The server crawls you and tries to fetch email details. It crawls your whole PC (browser history, passwords and hashed passwords) and then tries to find email details. If everything goes well, you are sent an email, containing your password in clear text. If not, it downloads this file and sends it to the attacker,” he wrote in a blog post. 7211a4ac4a