Social media platform Twitter warned its users that a recent glitch on its system has left passwords vulnerable, and recommended that users change their login details as soon as possible.
While it recorded no data breach – insisting that the data is safe – the group said that it would err on the side of caution and encourage users to change passwords.
“When you set a password for your Twitter account, we use technology that masks it so no one at the company can see it. We recently identified a bug that stored passwords unmasked in an internal log. We have fixed the bug, and our investigation shows no indication of breach or misuse by anyone.
“Out of an abundance of caution, we ask that you consider changing your password on all services where you’ve used this password,” it said.
According to Twitter, passwords for the platform are masked through a process called “hashing”, which replaces the actual password with a random set of numbers and letters that are stored in Twitter’s system. This allows the system to validate a users’ account credentials without revealing their password.
However, due to a bug, the passwords were written to an internal log before completing the hashing process. This means passwords were available in plain text.
“We found this error ourselves, removed the passwords, and are implementing plans to prevent this bug from happening again,” Twitter said.
Here’s how to change your password
- On your profile, click on your profile icon at the top of the page and select “Settings and Privacy”;
- Click password;
- Enter your current password;
- Enter a new password.
The social network advised users to create a strong password, made up of characters in different cases, numbers and symbols – and steer clear of these duds.
For added security on your account, Twitter also has two-factor authentication, which add another layer of security using SMS, or third-party apps like Authy and Google Authenticator.