Twitter tells users to change password after bug identified

Alfred Osborne
May 5, 2018

I don't know about you, but I would still change my passwords. (OTCMKTS:JMDA) CEO Jeremy Frommer said it was encouraging that Twitter both found the problem internally and informed its users quickly and transparently. There's no indication that anyone's passwords have been stolen or misused, but in the interest of safety, Twitter is recommending everyone change their passwords.

Chief executive Jack Dorsey tweeted to say the "bug" had been fixed.

Twitter uses an industry standard hashing function known as bcrypt to mask users' passwords after you make an account, replacing the actual text with random numbers and letters. And Lubsen notes some people use the same password for everything.

In a blog post explaining the glitch, Twitter CTO Parag Agrawal said: 'Due to a bug, passwords were written to an internal log before completing the hashing process.

Twitter discovered the bug a few weeks ago and has reported it to some regulators, an insider told Reuters.

We have only spent N100m recalling Melaye, says INEC
Ajanah said he was inclined to grant the prayers of the two parties in which they sought variation of the court order on the custody of the senator.

Pence's doctor quits over controversy surrounding Ronny Jackson
Ayers additionally suggested the doctor to carry issues by way of the correct channels on the White Home Medical Unit. Jackson, calling the allegations troubling and even suggesting that they were intentionally harmful to the physician.

Semenya and Samba among winners at high-quality Doha Diamond League
Semenya broke four minutes for the first time in the metric mile, winning easily in 3:59.92 - also a national record. De Grasse added: "I started a bit rusty but I'll just take it from there and improve for the rest of the season".

While Twitter seems to have a handle on the problem, some think they are underplaying how big this issue is.

In 2010, the U.S. Federal Trade Commission settled with Twitter after accusing it of "serious lapses" in data security, allowing hackers to access user data.

The site owners insist that this was not caused by a data breach, although the reason why the passwords were exposed is unclear.

"The Red Cross Blood Service in Australia used an outsourcing provider who inadvertently published their entire database to a public web server resulting in Australia's largest ever data breach", he said. "You can change your Twitter password anytime by going to the password settings page".

Mr Cluley said enabling two-factor authentication that adds another ID check to login attempts would help "harden" accounts.

Other reports by

Discuss This Article

FOLLOW OUR NEWSPAPER