The microblogging site Twitter is advising its 336 million users to change their account passwords immediately. The reason, a bug in their system exposed the passwords in plain text.
According to a blog post, the bug (now fixed) existed in the hashing process that is used to secure account passwords by turning them into random numbers and characters.
Due to the bug, the passwords were written to an internal log in plain text before completing the hashing process, practically putting them on display for an attacker.
Twitter has confirmed that they found no sign of a “data breach or misuse by anyone” during their investigation. However, they didn’t tell how many passwords were affected due to the bug and how long it took to fix it after it was discovered.
For adding an extra layer of security, it’s advised that you should enable two-factor authentication for your Twitter account. The microblogging site calls it Login Verification.
Source: https://fossbytes.com/twitter-bug-exposed-password-plain-text/
Submitted by: Arnfried Walbrecht
Comments are closed.