Why you should change your Twitter and GitHub passwords now

Share

Nevertheless, the social media giant urged all 330 million users changing their Twitter passwords immediately, and even go as far as resetting them on other websites. But it advised the users to contemplate changing their Twitter passwords "out of an abundance of caution".

Twitter instructed users on how to change their passwords from the Twitter app or web page.

The bug occurred prior to the hashing process and resulted in passwords being stored in a plain text log that Twitter discovered internally.

"We fixed the bug and have no indication of a breach or misuse by anyone, " Jack Dorsey, Twitter's chief executive officer, said in a Tweet. According to the company, a software glitch stored those passwords unmasked in a log.

"We didn't have to, but believe it's the right thing to do", he said but, following widespread criticism, he later backpedaled on his initial comment and apologized to users.

The Kentucky Derby: five reasons why you shouldn't miss it
Going up against a field of 20 is a daunting task. "They wanted to be in on the horse and approached us", Walden said. As the annual Kentucky Derby race quickly approaches, many fans are wondering how they can watch the big race.

Enable login verification, also known as two-factor authentication. But Twitter and GitHub have slipped up by inadvertently storing passwords in plain text.

To not make such mistakes again in the future, the company says, they are now implementing plans to secure the user's information including their passwords. "This is an industry standard", Agrawal said.

Twitter Support team has shared the information by making a tweet regarding the issue.

The social network earned $61 million in the first three months of the year, helped by strong growth in advertising revenue and modest gains in users. It still urged all users to consider changing their passwords. Dan Kaminsky, a well-known security expert who is chief scientist at WhiteOps, tweeted to Agrawal: "You did the fearless thing".

While the company did formally apologise for the occurrence of this accident, it is disconcerting that such a basic flaw that comprises user's personal information could exist in the first place.

Share