FB Social Engineering

[WhysoS3rious]

Hello,
sorry to put this here but wanted to share the last 30 minutes of my time  .
A friend got to do a password recovery on his fb because of a security question. So beware people,other people knowing your username and some info about you can easily do a password recovery of your fb. Guess the security we put 5-6 years ago on our fb questions.
His security question was his mothers birthplace , anyone knowing him would know that.

Tried it on my account and it did a recovery too. No way to disable security question, no way to change it.

PS: Who want to help to track down the evildoer Got the public IP from FB and also an email adress.
Now waiting for him to answer the email so I can read the headers for some more info. Any other idea?

[0E 800]

I dont even know the birthplace of my own mother.

Did you know you don't have to answer the questions in a way that makes sense?

Q:What is your mothers place of birth?
A: potato bitch

Bet no one would guess that one.

[WhysoS3rious]

Security by obscurity, your mother though of that
Yes but actually people put the true info so after 2 years they can remember it and potato bitch my guess at least is after 2 weeks gone and pinky unicorn the next try.

[truecam]

Why don't you just write down your critical passwords and information in the inside of a textbook or dictionary...... or porn magazine.

[Melatonin]

Wow, never knew some people answered truthfully to those security questions...