Hmm. I wouldn’t call it a hack. Lets call it crack which suits more. Anyways, lets start the way a classical story starts.
It was the time when I was during my Internship, and using Facebook, now and then. One fine day, one of the mentor told me “You know what. Facebook allows you to recover your account using a new email address that is not linked to facebook”. I was like – What the hell? No. But it wont be hackable. It is the largest social networking site”. But I did take a chance to crack into my facebook account. So logged out of my facebook account, cleared my browser’s cookies, and stopped there. Shit. Why can’t I just use the Incognito window. So there I go. A new incognito window, type facebook, CTRL+ENTER, and click – Forgot the Password link.
What happens? It asks for email, username, or your name and one of your friends name. I chose the worst case. Name and Friend’s name. Entered it and I was presented with a list of email address and a phone number which are masked by *, as in m*@********.in. Then there was an option, “I have no access to any of these”. That being the testing part, I chose that and used my Festember account email address, that was not linked with any of my previous email accounts as well as in Facebook. Not so fast buddy, you have a checkpoint to be crossed now.
This checkpoint is called “Secret Question and it’s Answer” 
. The secret question appears. “What is the name of your first pet?”. Hmm. I remember entering a silly answer to this question. Ofcourse, most of you would have entered a silly answer and would have chose this question. Let me talk about this part a little later. For now, lets continue in the story mode. First try “puppy”, I entered, the browser spitted on me throwing an error. Lemme think, “I don’t have a pet, stupid question”, hmm what about “tiger”, I entered, there I go, OMG, it got through and the following message appeared – “The password reset link is sent to my email address”. I checked my Festember account mail and there I had a nice new email, “Facebook password Reset link”. and I checked my other email accounts and there it was “Facebook password reset. If you did not request for a password reset Click here”.
Nice enough. So happily clicked the password reset link from my new account, and I got the page where it said “Enter new password” and “Confirm new password”, happily entered the new password, and clicked Submit. Now What ??? Not so fast buddy. The next page loaded. 
=> 
=> 
. happiness to sadness. This page contained the content “Your account will remain blocked for 24 hours. This is for security purposes and blah blah ….. “.
So no more facebook for 24 hours. Hmm. Thats, actually fine, but the thing I need to worry about is “Any one can change my password and block my account for 24 hours.” Now I can’t even login and change my secret question. My mentor, sitting by my side replied – “Sorry buddy, You cannot change your security question. There is no such option in Facebook settings.”. What the Fffffffreak. So what do I do now. “Wait for 24 hours. Now you continue your work.”
I’m not gonna give up. Surely facebook wouldn’t have allowed some idiot to crack into some profile just by typing a pet name called “tiger”, there should be some security. So I tried logging in with my old password. It threw an error which said “Use your new password”. Now what do I do ?. I wont be able to login with my old password, and if I do with my new password, I wont be able to access my account. So I tried resetting my god damn password again. Went through the same procedure after some 6 hours, went to the “Forgot password section”, and just found that my festember email was linked to the facebook account. Ohhhhhh. Myyyyyy. Godddd. So I sent a password reset link to my Festember email account, and then reset my password.
Now I tried to login with my new password, and guess what. It worked. The story ends.
NOTE: Kind request, please don’t try to hack into my account with the answers I mentioned above. I just forgot to mention one more thing. After the second time password reset, it allowed me to change my secret question and I changed it. But there is no option to change your secret question in Facebook settings. And you wont get one too if you do the above mentioned procedure. It just comes once and doesn’t appear in your settings.
In the middle of the story, I paused and mentioned “lets find about this a little later”. This is about the secret questions. There are only 4 questions in the list in Facebook. All these four questions are such that you can directly ask any question to any person and that person wouldn’t hesitate to answer you. For example, if your friend asks you, “What is the first pet you had?”, and you had a pet, would not you be thrilled to tell the happy moments with your first pet, and a story about the first pet – Girls especially. So, at this place, your friend could get your first pet’s name, and happily crack into your facebook account, if you are not in sync with your email account, or facebook account for more than 24 hours.
Now the sad part is that anyone can see your secret question and ask that to you. And as I said, there are only 4 of them which are so silly. And the saddest part is, even after knowing this, you won’t be able to change your secret question. Hmm, not because of this, Facebook is considered insecure, but because of something else also, that is a bit too technical to be discussed in a story.
One small advice, you can have as many email accounts as possible, but always have one secondary email account that you will be checking most frequently and make sure this secondary email account is linked to every service you are using over the web. And regarding Facebook, I’m sorry.
Dei Mass da !!!! I liked the last line the most ” regd fb . I am sorry ”
:) awesome piece !! keep going machaa . . and it wuld be better if u culd avoid the cliche . u sorta used the word “shit” , “man” so many times . but no issues . u ll get better !! and the whole blog luks neat . not so gaudy . its simple n perfect !!
You have login approvals right? So ur acc can never be hacked!!!
Then what more do u expect from facebook???
Anyways sites like yahoo don’t allow you to even see your own security questions!
What do you want from facebook ?
Hmm. Privacy, Security.
And how many of them have login approvals enabled? and even if they enable it like I did, they get so pissed off, that they disable it the second time they use facebook.
Even login approvals don’t help when you want to recover your account through a new email id, just because you say facebook that you don’t have access to any of the accounts that you have linked with it.
And regarding security, go check out “facebook security issues” to know about the technical details of the same. Then you would know that this is just like adding extra sugar.
I tried to recover my account using seceret question and defined a new email account (as both of my FB and email account was hacked), after the correct answer to the question, Facebook asked me wait for next 24 hours. Sure, I waited but even after 24 hours when I try to login with my new email account and password the stupid facebook says “We’re sorry. The email you used to start the account recovery process is already in use. Please restart the process with a new email address.”
So freaking disappointing, even after 24 hours!!!
Btw what did you mean by “Festember account” ? Is this the old associated email account or the new one?
If you meant the new email account by festember then yes, I have tried to restting the password with new email account but it says this email is not liked or used or something like that.
Facebook said come back and log-in after 24 hours, now its more than 24 hours and I still can’t access my account. All it says is “We’re sorry. The email you used to start the account recovery process is already in use. Please restart the process with a new email address.”