Why You Need To Change Your Twitter Password Right Now
If you use Twitter in a personal or professional sense, you probably received an e-mail over the weekend telling you that it is a good idea to change your password. This is because it was revealed that due to a bug, Twitter had been logging passwords in plain text rather than encrypting them. Twitter has made it clear that they have no evidence of a breach or misuse of this information but it asks out of caution that you consider changing your password.
What is the bug?
Twitter described the bug in their e-mail:
'We mask passwords through a process called hashing using a function known as bcrypt, which replaces the actual password with a random set of numbers and letters that are stored in Twitter's system. This allows our systems to validate your account credentials without revealing your password. This is an industry standard.
Due to a bug, passwords were written to an internal log before completing the hashing process. We found this error ourselves, removed the passwords, and are implementing plans to prevent this bug from happening again'
How can you change your password and make your Twitter account secure?
You can change your Twitter password at any time by going to the Settings page of your account.
Choose a secure password. We wrote a post guiding you through how to make an invincible password which you can find here.
Use different passwords for every platform, and if you have the same password as your current Twitter password anywhere else then change it now.
Use a password manager. There is no excuse for not use different passwords for every platform because you can't remember them, just use a password manager like 1Password which will remember them for you and all you need to remember is one master password.
Enable two-factor authentication. This is an option available on most platforms now including Twitter and Facebook, it adds an additional layer of protection by sending a code to your phone that you enter to log in. You can set it up when you are changing your password.
Just to reiterate, Twitter says that there is no evidence of the misuse of the information revealed in the bug, but it is best to do so to make sure your account is safe. You should be changing your passwords every three months anyway so this is a good excuse to do so!