Hacker News
by 146 5724 days ago
You need your existing (real) password to change your password; e-mail is still possible to change. Probable attack vector is to do "lost password" link and then change it, but the same is applicable to anyone with a smartphone too (it just now applies to anyone with any phone hooked up to FB).