Twitter asks users to change passwords due to bug

Share

The timing of the announcement is interesting, to say the least: It was tweeted just after 4 p.m. ET, which is conveniently right after the markets close.

"This situation is somewhere between a low-to-medium level security issue". It said that there was no evidence or indication that passwords had... Every time you log into your Twitter account, you will also be prompted to enter a code that will be sent to your phone.

So what actually happened to the passwords?

Bleeping Computer has reached out to Twitter to inquire about the number of affected users, but the social network did not respond before this article's publication. These are then stored in Twitter's system. That change is a process called hashing, and the jumbled version is called a hashed password. Twitter found the bug, removed the passwords from the log, and are planning ways to prevent this from occurring in the future.

The company announced on Thursday it discovered a bug that saved user passwords unprotected on an internal log.

Cracked window forces US passenger jet diversion
Wells Fargo executive Jennifer Riordan, 43, died after she was partially sucked out of the broken window. Several passengers have shared pictures of a broken window on Twitter.

A sign outside the Twitter headquarters in San Francisco as seen in this April 2017 photo.

To change your Twitter password tap on your profile picture on the Twitter website or mobile app. Twitter said no one outside or inside the company did that, which is good!

A spokesperson for Twitter said an internal investigation into the bug is ongoing, but wouldn't say how long the passwords had been exposed.

Still, the company said its 330 million users should "consider" changing their passwords to be on the safe side. According to Twitter, they use a function known as bcrypt which replaces your password with a random set of numbers and characters.

Enable two factor authentication for login verification.

Share