Twitter Asks All Users to Change Their Password

Twitter Asks All Users to Change Their Password

A bug in the Twitter system caused people's passwords to be kept unmasked in an internal log.

  • By Sydny Shepard
  • May 07, 2018

If you haven't already changed your Twitter password, what are you waiting for?

Last week, Twitter's chief technology officers, Parag Agrawal, revealed that a bug in the Twitter system caused the passwords of users to be stored unmasked in an internal log. The social media company swears that there is "no reason to believe password information ever left Twitter's systems or was misused by anyone," it is recommending that all 336 million users change their passwords immediately.

Generally speaking, this very public notice from Twitter should be lauded for its transparency," VP, product management and strategy at Tripwire, Tim Erlin said. "Finding unmasked passwords in logs is obviously a problem, but it's hardly unique to Twitter. As an industry, we should make sure we're praising positive moves as well as criticizing the problems we all see."

Perhaps the more important piece of news here is not that Twitter is recommending its user's change passwords to their Twitter accounts, but they are recommending that users change their passwords on all other websites where the password might have been used.

"Twitter passwords being stored in plain text does not sound great but, according to the social media giant itself, there appears to be little to no risk that user credentials have made it out into the wild," security researcher at Comparitech.com, Lee Munson said. "That said, it is curious as to why Twitter would have any passwords stored in plaintext at any given moment in time when it otherwise claims all login credentials are encrypted. For that reason alone, all users of the social network should follow the company’s advice and change their passwords immediately, paying careful attention to ensure the replacement is long, complex and not used anywhere else online – a password manager would certainly be a useful tool for achieving this."

In order to change your password, go to Twitter.com and scroll over to your avatar in the upper right hand corner. Click it and navigate to "settings and privacy" on the drop-down menu. From there click, "Password" on the left. Change your information, keeping in mind password rules to protect you in the future, like creating a unique password for different accounts and implementing capitals, numbers and symbols into your password.

About the Author

Sydny Shepard is the Executive Editor of Campus Security & Life Safety.

Featured

  • Maximizing Your Security Budget This Year

    Perimeter Security Standards for Multi-Site Businesses

    When you run or own a business that has multiple locations, it is important to set clear perimeter security standards. By doing this, it allows you to assess and mitigate any potential threats or risks at each site or location efficiently and effectively. Read Now

  • Getting in Someone’s Face

    There was a time, not so long ago, when the tradeshow industry must have thought COVID-19 might wipe out face-to-face meetings. It sure seemed that way about three years ago. Read Now

    • Industry Events
    • ISC West

  • Live From ISC West 2024: Post-Show Recap

    ISC West 2024 is complete. And from start to finish, the entire conference was a huge success with almost 30,000 people in attendance. Read Now

    • Industry Events
    • ISC West

  • ISC West 2024 is a Rousing Success

    The 2024 ISC West security tradeshow marked a pivotal moment in the industry, showcasing cutting-edge technology and innovative solutions to address evolving security challenges. Exhibitors left the event with a profound sense of satisfaction, as they witnessed a high level of engagement from attendees and forged valuable connections with potential clients and partners. Read Now

    • Industry Events
    • ISC West
Most   Popular

Featured Cybersecurity

Webinars

New Products

  • Automatic Systems V07

    Automatic Systems V07

    Automatic Systems, an industry-leading manufacturer of pedestrian and vehicle secure entrance control access systems, is pleased to announce the release of its groundbreaking V07 software. The V07 software update is designed specifically to address cybersecurity concerns and will ensure the integrity and confidentiality of Automatic Systems applications. With the new V07 software, updates will be delivered by means of an encrypted file. 3

  • ResponderLink

    ResponderLink

    Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols. 3

  • ComNet CNGE6FX2TX4PoE

    The ComNet cost-efficient CNGE6FX2TX4PoE is a six-port switch that offers four Gbps TX ports that support the IEEE802.3at standard and provide up to 30 watts of PoE to PDs. It also has a dedicated FX/TX combination port as well as a single FX SFP to act as an additional port or an uplink port, giving the user additional options in managing network traffic. The CNGE6FX2TX4PoE is designed for use in unconditioned environments and typically used in perimeter surveillance. 3