Facebook does not store plain-text passwords. They use advanced, salted cryptographic hashing algorithms (like bcrypt). Even if a hacker breaches Facebook's core servers, they would get a list of unreadable hashes, not a text file named password.txt .
While hackers use these to find leaked credentials, these files are usually from Facebook’s own systems. Instead, they are often from smaller, poorly secured websites where users might have reused their Facebook passwords. How to Protect Your Data index of passwordtxt facebook exclusive