Facebook introduced “profile picture guard” to strengthen the security of individual users. The idea was to allow users to prevent others from stealing their profile pictures, which is a common phenomenon across the Indian subcontinent.
The feature was meant to put an additional layer of security for users who do not want others to misuse their profile pictures. However, there’s a small glitch that allows one to bypass Facebook profile picture guard.
The protection attached with “profile picture guard” is exceptional. For instance, even if you try to use the “Inspect” option on a modern PC browser like Chrome to unearth the source URL of the picture, you’ll most likely fail to bypass the profile picture guard. At best, you could get a low-resolution version of the photo, not the one with the original or satisfactory resolution.
From a smartphone, it’s even more difficult. At times, the user might allow you to view the profile picture, but there’s no “download” or “view full size” option. You wouldn’t be allowed to take screenshot either.
But the glitch, which would easily allow one to bypass Facebook profile picture guard, which I’ve found involves finding the person or the subject’s “entity_id”, which can very easily be discovered, and a static URL. Here’s the process:
Time needed: 7 minutes.
Bypass Facebook profile picture guard on mobile
- Copy the Facebook profile of the subject
Go to the Facebook profile/timeline of the subject. And copy the URL.
- Find the entity_id of the profile
On a PC browser, you could simply use the “view page source” option to find out the entity_id of the subject. But on a mobile phone, finding the entity_id of a Facebook user is a bit tricky. The easiest way I found was to use an online tool: lookup-id.com.
Open lookup-id.com on your mobile browser. Paste the copied URL of the subject’s profile on the search bar of lookup-id.com, and hit the “Lookup” button.
It will immediately reveal the entity_id number of the subject. If your first attempt fails, try several times. And, copy the revealed entity_id number.
- Use the graph.facebook.com
Now, copy this URL: https://graph.facebook.com/USERNAME/picture?width=800. Replace the USERNAME with the copied entity_id number that you found from lookup-id.com. If the entity_id number you found was 123456789, the URL would look like this: https://graph.facebook.com/123456789/picture?width=800
Now hit the okay/enter button and the link will redirect to the URL of the original version of the subject’s profile picture.
Let me know what do you think of this trick. Did it help you? Could you avoid or bypass Facebook profile guard and find the actual version of the subject’s profile picture? I hope, yes.
But I caution you to not abuse the trick. The credit goes Prosenjit Das who first revealed the trick on Quora. I simply modified it for mobile phone users.