330 Million Twitter Users Have Been Requested To Change Their Passwords After A Bug Unmasked Their Passwords On An Internal Log
When you set a password on something you have expectations that the password will remain secure at all times. Recently, we have seen many password breaches that threaten users’ security and privacy. It seems that Twitter has also fallen prey to a bug that put the privacy of millions of users at risk.
Bug Puts Twitter Users Privacy At Risk
Twitter just revealed in a post that a bug had left the stored passwords unmasked in an internal log. However, they are sure that this information has not fallen into the wrong hands. As a precautionary measure, the company has asked everyone to change their passwords. The company said in their blog that they have fixed the bug. The company has requested that if you have used the same password on other sites as well, then you should definitely change those too.
The company uses a process of hashing that masks the passwords and uses a function known as bcrypt which replaces these passwords with a string of a random set of numbers and letters. This process allows validation of users accounts without revealing the password. Due to a bug, the passwords were on an internal log. The company has written on their blog that they found the error themselves and are ensuring that it does not happen again.
We recently found a bug that stored passwords unmasked in an internal log. We fixed the bug and have no indication of a breach or misuse by anyone. As a precaution, consider changing your password on all services where you’ve used this password. https://t.co/RyEDvQOTaZ
— Twitter Support (@TwitterSupport) May 3, 2018
According to the company’s investigation, the information has not been misused in anyway. The company has given a few tips to ensure that you are protected, just in case a breach took place. If you are a twitter user, then you can follow these steps as given in the twitter blog to stay secure:
- Change your password on Twitter and on any other service where you may have used the same password.
- Use a strong password that you don’t reuse on other websites.
- Enable login verification, also known as two factor authentication. This is the single best action you can take to increase your account security.
- Use a password manager to make sure you’re using strong, unique passwords everywhere.