Twitter Security

May 3, 2018

If you use Twitter, you are being advised to change your password, as passwords have been logged in plain text for months.

Twitter themselves say they found the error and are urging users, out of caution, to change their passwords. They don't believe the passwords or accounts have been compromised or affected, but just to be sure they suggest you change your password.

A bug has basically logged your password in plain text rather than its hashed value. When you set your password on most secure websites, it is masked through a process called hashing, which should always produce a unique value (although not always!). When you enter your password to log in, the site compares its hash value with the one stored when you originally set your password, and if the two values match you can log in.

This is a normal way to handle passwords and means that your password isn't revealed to the company, just the hashed value.
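The set-and-compare flow described above, next to the kind of logging mistake that puts a password into a log in plain text, as an added example that is not Twitter's code or part of the original post. How the real bug arose is not described here; the function names, the scrypt settings (chosen because scrypt ships with Python) and the sample form are assumptions made for illustration.

```python
import hashlib
import hmac
import io
import logging
import os

SCRYPT = dict(n=2**14, r=8, p=1, dklen=32)  # illustrative cost parameters (assumed)


def hash_password(password, salt=None):
    """Return (salt, digest); only these two values are stored."""
    salt = salt or os.urandom(16)
    return salt, hashlib.scrypt(password.encode(), salt=salt, **SCRYPT)


def verify_password(password, salt, stored):
    """Re-hash the login attempt and compare it with the stored digest."""
    _, candidate = hash_password(password, salt)
    return hmac.compare_digest(candidate, stored)  # constant-time comparison


class RedactPasswords(logging.Filter):
    """Mask the 'password' field of a dict passed as the log argument."""
    def filter(self, record):
        if isinstance(record.args, dict) and "password" in record.args:
            record.args = {**record.args, "password": "[REDACTED]"}
        return True


def log_signup(form, redact):
    """Log a signup request; return the text that reached the log."""
    stream = io.StringIO()
    handler = logging.StreamHandler(stream)
    if redact:
        handler.addFilter(RedactPasswords())
    logger = logging.getLogger("signup-demo")
    logger.propagate = False
    logger.addHandler(handler)
    # The mistake: the raw form is logged before the password is hashed.
    logger.warning("signup user=%(user)s password=%(password)s", form)
    logger.removeHandler(handler)
    return stream.getvalue()


if __name__ == "__main__":
    form = {"user": "alice", "password": "correct horse battery staple"}  # constructed
    salt, stored = hash_password(form["password"])
    print(verify_password(form["password"], salt, stored))  # hashes match
    print(log_signup(form, redact=False), end="")  # password appears in plain text
    print(log_signup(form, redact=True), end="")  # password field is masked
```

The stored digest never contains the password, but a single log statement placed ahead of the hashing step does, which is why redaction belongs in the logging layer rather than in each call site.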

Now go and change your password over at Twitter and make it a good long passphrase that no one can guess.  And while you're at it, maybe think about adding Two Factor Authentication.

As a social media platform, it has access to potentially personal information, so the account should be protected as well as you can. For businesses that rely on Twitter to inform customers of news, events or updates, a compromised account could be misused.

So enable Two Factor Authentication while you change your password and get serious about security.

From the Twitter Blog

And keep an eye out for malicious emails that pretend to be from Twitter or Facebook to try and get you to click links that will take you to malicious websites.



© 2022 Cyberawaresolutions