Facebook has been caught asking users to hand over their passwords for third-party email services to verify their accounts. Facebook confirmed the existence of such “dubious” verification process but also claimed it doesn’t store the user-provided email passwords on its server. Facebook also said it would end the practice of asking for email passwords altogether. It’s ironic that this news came just two weeks after Facebook admitted it mistakenly stored passwords for “hundreds of millions” of its users insecurely in plaintext for years in company logs.
Source: https://thehackernews.com/2019/04/facebook-email-password.html