This is urgent, Yes! Twitter itself urging its users to change passwords. There are more than 300 million users on the platform which needs to take immediate action on altering password for their account protection. It is due to a bug exposed earlier on the platform that shows user’s password in plain text.
While the investigation conducted by Twitter has apparently doesn’t contain any evidence of data breach or misuse. But, as a caution Twitter warns its users to change the password from their account as well as from third-party apps and websites like Twitterrific and TweetDeck.
Also read:Â RIP Passwords! A new standard for web authentication is here
Contents
About The Bug
As per industry standards, Twitter masks the actual password of users with the hashing process using a function known as bcrypt. This function replaces the actual password with the random string of characters, numbers, and special characters and stores on the Twitter system. Whenever you enter the login details or verify your account, it validates account credentials without revealing the actual password.
Due to the bug, before the hashing process, the actual plaintext passwords entered by users are written to the internal log. This bug was found by itself and taking necessary actions to prevent users from this bug.
Necessary steps to be taken to keep your account safe
- Change your password on Twitter as well as on third-party apps
- Use the strong password which contains characters, numbers, and special symbols
- Enable login verification, Two-factor authentication is the best solution to protect your account
- Use Password manager that helps to use unique passwords on different accounts.
Also read:Â Password Secrets: Why Your Password is Never Secure
Follow these steps to change your Twitter password
- Go to the official page of Twitter
- Click on Forget Password? that is placed beside the login button to set a new password
- Now, Enter your email, phone number, or username and tap on the search button
- Next, choose any one of the options given i.e, Receive a code to your registered phone number or receive a link to your registered email address
- If you choose mobile then, enter the received code. Now, it will you prompt to the password reset page to set a new strong password.
- Otherwise, if you choose email then you will receive an email with password reset link. So, tap the link to set the password.