Twitter advises all 330 million users to change their passwords after bug stored them in plain text


In case you’re considered one of Twitter’s 330 million customers, it is best to contemplate altering your password. An inner bug within the agency’s hashing course of meant that they had been saved in plain textual content in its inner logs. And whereas an investigation has proven no indicators of any breach or misuse, the corporate is recommending individuals change their passwords on Twitter, and on any providers that reuse them, out of an “abundance of warning.”

Chief expertise officer Parag Agrawal explained that Twitter follows the trade normal hashing apply, which scrambles passwords into a mixture of random letters and numbers utilizing a cryptographic course of. However the bug brought about the unmasked passwords to be “written to an inner log earlier than finishing the hashing course of.”

Twitter deleted the log of plain textual content passwords after “lately” discovering it. The corporate instructed customers that it is “implementing plans to forestall this bug from occurring once more.”

“We’re very sorry this occurred. We acknowledge and recognize the belief you place in us, and are dedicated to incomes that belief on daily basis,” wrote Agrawal.

Twitter didn’t reveal precisely what number of of its customers’ passwords had been affected by the bug, or for the way lengthy they sat uncovered within the log earlier than the error was found. In accordance with Reuters’ source, the quantity was “substantial” they usually had been uncovered for “a number of months.”

READ ALSO:  Apple Acknowledges Failed MacBook KeyBoards with New Repair Program

“I would emphasize that this isn’t a breach and our investigation exhibits no indicators of misuse,” a Twitter spokeswoman stated. “As such, we’re sharing the data so individuals could make an knowledgeable resolution on their account safety.”

The scenario is one other reminder to make use of two-factor authentication, which you’ll be able to arrange on Twitter, and a very good password supervisor.



You Might Also Like

Leave a Reply

Your email address will not be published. Required fields are marked *