Change Your Twitter Password Immediately, Bug Exposes Passwords in Plaintext

RESEARCH CREW
8:00 07/05/2018
Twitter is urging all of its 330 million users to change their passwords after a software glitch unintentionally exposed its users' passwords by storing them in readable text on its internal computer system.The social media network disclosed the issue in an official blog post and a series of tweets from Twitter Support.
 twitter-password-hack
According to Twitter CTO Parag Agrawal, Twitter hashes passwords using a popular function known as bcrypt, which replaces an actual password with a random set of numbers and letters and then stored it in its systems.This allows the company to validate users' credentials without revealing their actual passwords, while also masking them in a way that not even Twitter employees can see them.
twitter-password-reset
However, a software bug resulted in passwords being written to an internal log before completing the hashing process—meaning that the passwords were left exposed on the company's internal system.Parag said Twitter had found and resolved the problem itself, and an internal investigation had found no indication of breach or passwords being stolen or misused by insiders."We found this error ourselves, removed the passwords, and are implementing plans to prevent this bug from happening again," Parag said.
"We are very sorry this happened. We recognize and appreciate the trust you place in us, and are committed to earning that trust every day."Still, the company urged all of its 363 Million users to consider changing their passwords to be on a safer side.

How to Reset Twitter Password

In order to change your password on Twitter, click on your Profile Picture icon given in the top-right corner, then go to Settings and Privacy → Password. Now, type your current password, and enter a new one, and try keeping it stronger.For the Twitter app for iOS and Android, click on your Profile Picture icon in the top-left corner, and then go to Settings and Privacy → Account → Change Password ("Password" on Android), and create a new, stronger password.You should also change the password on all other services where you have used the same password.You are also advised to enable two-factor authentication service on Twitter, which adds an extra layer of security to your account and help prevent your account from being hijacked.
TIN LIÊN QUAN
🌟 ASCIS là cuộc thi CTF thường niên lớn nhất dành cho sinh viên các nước ASEAN do Hiệp hội An toàn thông tin Việt Nam (VNISA) chủ trì phối hợp với một số đơn vị tổ chức, dưới sự bảo trợ của Bộ Giáo dục và Đào tạo, Bộ...
🚩 Cuộc thi An toàn Thông tin ISITDTU CTF 2022 do trường Đại học Duy Tân, Đà Nẵng tổ chức đã chính thức khép lại vào ngày 18/12. Hai đội purf3ct (đại diện cho CNSC @UIT) và Sp33d_0f_T1m3 (đại diện do UIT) đã có màn thi đấu ấn tượng với...
Câu nói được sử dụng làm tiêu đề trích từ câu nói của nhà Sinh lý học và Y học Horace Freeland Judson - người đoạt giải Nobel năm 1962 cho thấy tầm quan trọng của thông tin do DNA cung cấp không chỉ ở lĩnh vực y học mà...