Did Facebook Mishandle Your Instagram Password? What To Do If You're Among The Millions Affected

instagram passwords stores wrong
In this photo illustration, the social media application logo, Instagram is displayed on the screen of a computer on March 15, in Paris. Chesnot/Getty Images

Facebook updated an old post in its online Newsroom titled "Keeping Passwords Secure" on Thursday with new information about millions of Instagram accounts that had their passwords stored in a "readable" format.

The original post said that a routine security check in January found that some passwords were stored in a readable format on Facebook's internal systems. Originally, Facebook said the accounts impacted were "Hundreds of millions of Facebook Lite users, tens of millions of other Facebook users, and tens of thousands of Instagram users."

The latest update, added Thursday morning at 10 a.m. EDT, said that since the post was originally published in March, Facebook found that millions of additional Instagram users were impacted. "Our investigation has determined that these stored passwords were not internally abused or improperly accessed," said the update from Facebook.

"This is an issue that has already been widely reported, but we want to be clear that we simply learned there were more passwords stored in this way. There is no evidence of abuse or misuse of these passwords" a Facebook spokesperson told Newsweek.

The original post clarified that the passwords, even though they were stored in a readable format, were only stored on the internal data storage systems at Facebook. This means nobody outside of the company was able to see the passwords, Facebook said. It also said that there was no evidence that they were used improperly then, which they reiterated Thursday.

"We have fixed these issues and as a precaution we will be notifying everyone whose passwords we have found were stored in this way," said the original post from the company.

The company did not say how it would be notifying users if they were one of the millions who had their passwords stored in this way.

Any users concerned about their password possibly being exposed should change it and make sure their new password is secure and complex. They can make sure their password has never been exposed by checking it on a Pwned Password website.

Facebook and Instagram users concerned about their password security can change it online in the settings part of their account. To change their Instagram password, they should tap the three lines in the upper right corner of their profile. From there they should choose the gear wheel icon for settings, then privacy and security and then password. They'll be able to reset the password there by first entering their current password and then their new one.

Facebook also recommended that users set up their security key or two-factor authentification on their accounts.

This story was updated with a statement from a Facebook spokesperson.

Uncommon Knowledge

Newsweek is committed to challenging conventional wisdom and finding connections in the search for common ground.

Newsweek is committed to challenging conventional wisdom and finding connections in the search for common ground.

About the writer


Nina was a breaking news reporter. She previously worked at Business Insider, The Boston Globe, and Boston.com.

To read how Newsweek uses AI as a newsroom tool, Click here.

Newsweek cover
  • Newsweek magazine delivered to your door
  • Newsweek Voices: Diverse audio opinions
  • Enjoy ad-free browsing on Newsweek.com
  • Comment on articles
  • Newsweek app updates on-the-go
Newsweek cover
  • Newsweek Voices: Diverse audio opinions
  • Enjoy ad-free browsing on Newsweek.com
  • Comment on articles
  • Newsweek app updates on-the-go