This notion is a bit of a long shot, but with a little bit of luck and a little bit of foresight, it could work.
This notion is a bit of a long shot, but with a little bit of luck and a little bit of foresight, it could work. According to a report, Facebook’s “Three Trusted Friends” password recovery method makes it quite easy to hack into user accounts without knowing any sort of secret code. Create three phony Facebook accounts and friend your intended victim as the first step. This is when luck and intelligence come into play. You must ensure that your target accepts these friend invitations, thus you must make them appear to be genuine persons they may know.
The easy part occurs after they’ve accepted all three friend requests. Click the “Forgot your password” option on the account login page. This will take you to a page where you’ll be asked for your email, Facebook username, or your name and the name of a friend. It’s not difficult to obtain these facts from your victim’s account.
Note the “No longer have access to these”
Following that, you’ll be directed to a screen where you’ll be prompted to authenticate the account in question by uploading a profile image (in this example, your victim’s profile picture). The victim’s phone number and email address will be included in the list of options to send a password reset. At the bottom of the page, there’s a link that says “Can’t access these right now,” which when clicked takes you to the page with the three trusted pals. You’ll be given a list of the account holder’s pals, and you’ll select the three you made. You will receive a reset password from those pals, which you will use to gain access to your victim’s account.
This system has two weaknesses, neither of which is particularly serious. One, as previously said, is that your victim is obligated to accept these buddy requests. Two, if you choose not to have access to any of those email addresses, you will receive an email from the victim informing them that they have opted to reset their password. They’ll be aware that their account is being used fraudulently, but they won’t be able to do anything about it because changing their password will be ineffective. The most they can do is alert Facebook that they have not attempted to reset their account information.
Note: This is supposed to be more of a warning than a how-to on how to hack someone’s account. Be wary of who you accept friend requests from, and, of course, instantly respond to an email claiming you’ve requested a password reset (when you haven’t).