Facebook Can Tell You If Your Passwords Have Been Stolen Without Knowing What They Are

Facebook believes you shouldn't have to worry about hacked web passwords.
It's there to protect you, it says.
After the news that hackers obtained 7 million Dropbox passwords by hacking a third-party service that works with Dropbox, Facebook says it has a plan to alert you if your password gets stolen.
Security engineer Chris Long says Facebook has been crawling around websites where hackers sell and expose passwords. Since most people use the same username/password combination for multiple websites, Facebook checks if any of the hacked passwords are used for Facebook accounts.
If if finds a hacked password, Facebook disables the password and notifies the account holder that this password is owned by hackers.
(By the way, Facebook doesn't store these stolen passwords outright. It uses what's known as a "hash" — a unique mathematical representation of them. If the hashes are identical, then it knows the user names/passwords are identical without knowing exactly what they are.)
Facebook has actually been doing this ever since that huge hack of Adobe passwords last year, it says and you don't need to do anything for it to watch over your Facebook password.
But with the latest Dropbox password news, Facebook suggests you take better advantage of this safekeeping service. It wants you to use your Facebook login for your other websites.
In April, Facebook updated its login and announced something called Anonymous Login. Anonymous Login is still in beta. You have to request access.
The idea is that you trust Facebook with your personal information, but you don't need to share any of it with other apps on the Web that you use. It gives you control over what these apps can track about you, and what they can share to your Facebook profile.
FacebookFacebook Anonymous login
The problem, of course, is that some people think that Facebook is the site doing too much tracking. Using Anonymous Login doesn't stop Facebook from knowing who you are and seeing which apps you use.
Still, there might be some benefit to hiring Facebook to be your stolen-password watchdog.
Even if you use a password manager to create unique, hard-to-crack passwords for every website, it's hard to know when hackers have stolen those passwords. Unless the company alerts you to a hack, you might not even know that things like your private photos or documents stored in the cloud are at risk.
If you are going to start using Facebook login (Anonymous or otherwise) as your main internet login, Facebook advises you to add some extra security to it. Sign up so that Facebook will alert you if your login is being used from an unknown PC or phone.