Twitter now wants users to change their passwords. The announcement comes after a bug was found in their internal systems. The bug caused Twitter’s internal server to save the login credentials in plain text rather than in unrecognizable form. Twitter reiterated that there is no evidence that the unprotected login credentials had been stolen or misused in any way. But since the problem was found, they released the warning as an extra security measure.
According to Parag Agrawal, the Chief Technical Officer “Due to a bug, the passwords were written to Twitters internal log in plain text before the hashing process. We found the error ourselves, removed the passwords and in the process of implementing plans to prevent the bug from coming up.”
How to change the Twitter password
To change the Twitter password
- Click your profile image
- Select Settings and Privacy
- Scroll to password
- Enter the existing password and the new password
- Use a combination of words and numbers
- Never use a dictionary word as a password
- Do not reuse the same password twice on your account
- Additionally, use a two-factor authentication which gives an additional layer of protection even if the password is leaked or guessed
Conclusion: Twitter did a good job of finding the bug and reporting before someone else report it. Fortunately, the loophole never got discovered by cybercriminals. Or else, they would have stolen and exploited the login credentials which could be misused or sold in darknet to other criminals. This would have created a bigger controversy, loss of reputation and huge amounts in legal fees.