Security Bug: Twitter asks all users to change their passwords
Twitter has asked its over 330 million users to change their passwords after admitting that the company inadvertently recorded user passwords in readable text on its internal system due to a glitch. While the problem has been resolved, you are still highly suggested to change your password to ensure the security of your Twitter account.
Exposed passwords weren't accessed in any way: Twitter CEO
Passwords are disguised by a process known as hashing
Passwords are protected through a cryptographic process called "hashing." But a bug caused them to be accidentally stored in plaintext instead of being disguised by a well-regarded hash function called bcrypt that Twitter uses. The unprotected passwords were stored before they could be completely hashed.
A major gaffe for a big social media company
As a security measure, Twitter is notifying both mobile and desktop users to change their passwords. Notably, the company did not specify how many passwords were affected. David Kennedy, CEO of penetration testing firm TrustedSec, said, " Twitter is taking the right steps by requesting everyone change their password and making the bug public versus hiding it."
The bug has been fixed: Twitter CTO Parag Agrawal
Enable two-factor authentication to prevent you account from being hijacked
To change your account's password, navigate to Settings and privacy > Password. Enter your current password and then choose a new one. To set up two-factor authentication, go to Settings and privacy > Account. In the "Security" subsection, click on "Review your login verification methods", enter your password to confirm, and receive second-factor codes via SMS.
