Too Long; Didn't Read
Let’s get into the nitty-gritty. The only way you can reset your password on <a href="https://hackernoon.com/tagged/facebook" target="_blank">Facebook</a> (if you’ve forgotten one) is through entering a 6 digit passcode. Well that’s 10⁶ = 1,000,000 possible combinations. Some algorithm which Facebook uses (that is yet to be cracked) generates seemingly a random 6 digit code whenever a person requests a password reset. That code does not change if you request it from <a href="http://mbasic.facebook.com" target="_blank">mbasic.facebook.com</a> until that code gets “used.” That could possibly mean that if 1 million people request a password within a short amount of time such that no one uses their code to reset the password, then 1,000,0001 person to request a code will get a passcode that someone from the batch has already been assigned.