Twitter alerts users after squashing password revealing internal bug

Pat Wise
May 5, 2018

Twitter has over 330 million users across the globe and all the passwords are saved with random characters on the systems.

On both the Twitter website and its mobile apps, users need to go to Settings to change their password.

The bug occurred prior to the hashing process and resulted in passwords being stored in a plain text log that Twitter discovered internally.

"Out of an abundance of caution, we ask that you consider changing your password on all services where you've used this password".

Nonetheless, the company is recommending a password reset for its more than 300 million users.

"We are very sorry this happened", the Twitter blog said.

65th National Film Awards 2018
On April 13, 2018, the awards were announced and Sridevi posthumously won the Best Actress Award for her role in " Mom ". Janhvi is preparing for her film Dhadak opposite Ishan Khattar and the film is remake of Marathi movie Sairat .

Solo Director Ron Howard Narrates Arrested Development/Star Wars Mash-Up
First Star Wars DayThe first " Star Wars " day was celebrated in 2011 Toronto, Ontario, Canada at the Toronto Underground Cinema. In 2007, to mark the 30th anniversary of Star Wars release date, the Los Angeles City Council declared May 25 as Star Wars Day. (LON:ASC) Receives "Buy" Rating from Shore Capital
Three research analysts have rated the stock with a hold rating and two have given a buy rating to the company's stock. The average 1 year price target among analysts that have covered the stock in the last year is GBX 416.25 ($5.81).

Agrawal apologized for the mishap, noting how the folks over at Twitter "recognize and appreciate the trust you place in us, and are committed to earning that trust every day".

Twitter says it has isolated and resolved the issue, removing any stored passwords and "implementing plans" to ensure the issue does not resurface.

"I'd emphasize that this is not a breach and our investigation shows no signs of misuse", a Twitter spokeswoman said. Turning it on means even if someone does have your password, they can't access your accounts without a second piece of information, like a code texted to your phone. This isn't because there's a high risk that the Twitter passwords have been exposed to bad guys, but simply because what you are doing is unsafe.

The "hashing" process is industry standard, Twitter noted. However, if you potentially use a single password across a number of accounts - Google, Facebook, Microsoft, your bank - you should be petrified. Dan Kaminsky, a well-known security expert who is chief scientist at WhiteOps, tweeted to Agrawal: "You did the fearless thing".

One of the biggest problems is hacking that steals personal data and other information that is then sold on the dark side of the Internet.

Other reports by

Discuss This Article