How securely do they store user passwords & how good are they at letting us know?
Note: As part of a routine security review in January 2019, Facebook found that some user passwords were being stored in a readable format within their internal data storage systems. The issue has affected hundreds of millions of Facebook Lite users, tens of millions of other Facebook users, and tens of thousands of Instagram users. Facebook has since fixed the issue.
Site uses a slow hashing function, this is disclosed "on-site", in the docs, FAQ, etc.