Facebook Account Gmail

0 views
Skip to first unread message

Latisha Gervase

unread,
Aug 3, 2024, 11:38:59 AM8/3/24
to puthepicgast

Don't worry - it's quick and painless! Just click below, and once you're logged in we'll bring you right back here and post your question. We'll remember what you've already typed in so you won't have to do it again.

I have a premium account on my spotify connected via facebook and It has a yahoo mail ID. I want to merge it to my spotify account with gmail ID which is not a premium account. How can I merge both accounts ?

If you would like to change your email address, follow these steps. Keep in mind if your Spotify was created through Facebook, you won't be able to disconnect it and you would have to create a new account. More information about Spotify and Facebook can be found here.

I've been playing around with different login forms online lately to see how they work. One of them was the Facebook login form. When I logged out of my account my email and password were autocompleted by my browser. Then I decided to misspell my email and see what would happen if I tried to log in.

To my surprise I logged in with no problem after changing my email from [email protected] to [email protected]. I then started experimenting with different spelling errors and I had no problem logging in as long as it was not too far off my real email. I tried changing the domain name as well [email protected], my email prefix [email protected] etc.

Then I also tried misspelling my password and as long as it was not too far off my real password I could log in no problem (with the password it worked when adding one random letter before or after the real password, but not when adding a letter in the middle of it).

Facebook is allowing you to make a handful of mistakes to ease the login process. A Facebook engineer explained the process at a conference. The gist of it is that Facebook will try various permutations of the input you submitted and see if they match the hash they have in their database.

For example, if your password is "myRealPassword!" but you submit "MYrEALpASSWORD!" (capslock on, shift inverting capslock). The submitted password obviously doesn't match what they have stored in their database. Rather than reject you flat out, Facebook tries to up the user experience by trying to "correct" a few common mistakes such as inserting a random character before or after, capitalizing (or not) the first character, or mistakenly using capslock. Facebook applies these filters one by one and checks the newly "corrected" password against what they have hashed in their database. If one of the permutations matches, Facebook assumes you simply made a small mistake and authorizes your session.

While worrying at first glance, this is actually still perfectly secure for a few reasons. First and foremost, Facebook is able to do this without storing the password in plaintext because they are transforming your provided (and untrusted) input from the form field and checking if it matches. Secondly, this isn't very helpful for someone trying to brute force the password because online attacks are nigh impossible thanks to rate limiting and captchas. Finally, the odds of an attacker/evil spouse knowing the text of your password and not the capitalization are abysmally small and so the risk created as a result of this feature is equally small.

It is long know that Facebook allows you on purpose to log in with the password case reversed or the first character capitalized (see this article). They do this while storing only a hashed password. Are you seeing that more differences are allowed?

Apparently, they also have some similar usability features for the email address.Automatically "correcting" gmail.comm to gmail.com is actually harmless, since there's (currently) no comm tld, so nobody would actually have a valid gmail.comm email address. I am however surprised that they would allow gmadil.com (currently for sale) or a different username, as that could be someone else's email address.

They might have decided that usability is of utter importance and, if there is a log in attempt for an email address for which there is not an account, automatically attempt the log in with the most similar username, but -while not completely bad- it doesn't seem a good approach, as someone else could sign up tomorrow with the [email protected] email and, although unlikely, also use Password123 as password, then what?

Update: This had been tested a few years back by Lukas on Does correcting misspelled usernames create a security risk? and apparently logging in with a misspelled email address only works when you have not deleted Facebook cookies from your earlier session. Thus, it only autocorrects your email address when it knows that you used to log in as [email protected], and otherwise fails.

If you consider the login process as a whole, this measure can actually increase security. Instead of granting users several login attempts to manually fix common misspellings, the site tries to fix those misspellings automatically. As a result, the average number of login attempts a user needs goes down, which means a more strict rate limiting to an attacker who tries out various common passwords, not slight variations of the same password.

I would like to deactivate my Facebook account, but am afraid of losing my (premium) chess.com account. Facebook is the only way I know how to login to chess.com. Also, I no longer have access to the email address chess.com has on file for my account (because I graduated and lost my .edu email). Does anybody know how I can separate my chess.com account from my Facebook account? I have tried logging in using my username and my Facebook password, and again using my old .edu email address and Facebook password, but neither works. Thank you!

Send a Support ticket via with the details of the new e-mail account you want to use, and they should be able to switch over as well as deconnect your Facebook account. There may be some verification requirements before they actually make these changes, though.

I am interested in this also. I tried Caedrel's suggestion several times, but every time I try to submit my request I get a error message saying the server isn't available or something. I also tried Daniel's suggestion, but it askes for my current password and I don't know what that is. My Facebook password doesn't work. I tried to request a password change, but that wants to know what my current email is and none of my emails seem to work.

I am having the same issues. Chess.com does not allow me to disconnect a facebook or gmail account and ONLY provides a way to change the password IF I know the current password. (there is not one.)
This is very frustrating.

On the connected to Facebook one, when did you do it? If it was recently, give it a little time to see if it awards it. If it hasn't appeared in 24 hours, you can contact support and they should be able to unlock it for you.

For all those who has the same issue, if you no longer want to log-in using facebook for your airbnb account, all you have to do is set a password. Go to www.airbnb.com/forgot_password. Just enter the email address on the airbnb account. A reset password link will be sent to that email and just follow through with the process.

@Stephen10 Yes, ABB doesn't make it easy for contacting them. Here's a helpful link to help with contact. I don't know the answer to your question as I don't log in with FB, but I'm sure ABB will be able to help you.

On this same note I do not like any business on Facebook they have enough information about us already. I don't need them knowing what accounts I have and allowing me to log in anywhere with or through them

Thanks. This worked. After I disconnected my account from Facebook, I was able to go into my profile and change my email to the one I use. They sent a verification to the new email, I clicked on the link and my new email was verified!!! This took quite awhile to figure it all out, but at last I don't have to worry about missing an email telling me I was accepted and they booked a place for me!!!!

I'm not a host, so I got out of this community page and into airbnb.com. There I was able to sign in and click on my picture in the upper right corner. The dropdown had edit profile, clicked that, on left side was 'Trust and Verification'. Clicked that and Facebook was a choice. In box, it said Disconnect, clicked that and it enabled me to go back and edit profile, where I could change email.

First, my goal was to switch from an FB log in to a password log in - because FB is blocked from my work computer and so I wasn't able to book any work travel using this method. My goal was not to remove FB entirely, just simply remove it from being the only log in option, so this system may not work for you if you are hoping to disconnect from fb entirely.

1) The AirBnb help forum says that to remove this log in system, you need to log out and then go through the "forgot password" chain and then the issue would be resolved. However, sitting here on my work computer I don't even see that option. The only option I am given is to sign in through facebook. No forgot password link.

1A) I logged onto my phone browser, and checked the desktop browser option so it didn't default to mobile. I logged out, got back into the sign in screen, and for some reason on this view the "forgot password" option was there. I did all of that and it worked! I now had a password.

1B) The above worked fine for my phone and for my mobile app. So I go to the desktop, the whole reason I'm even doing this, and IT STILL WANTS ME TO LOG IN TO FB. I was about to pull my hair out. So I click the option "Sign into another account" ....that is where you are able to just straight up put in your email and your new password. Its basically hidden!

c80f0f1006
Reply all
Reply to author
Forward
0 new messages