Twitter is Requesting Me to Change My Password

Author: Craig Pollack Date: May 04, 2018 Topics: Social Media, Password Management, Cybersecurity

Twitter recently released a tweet recommending all 336 million users to change their passwords.  Since this was a tweet, and with the nature of the platform (can you say "noise"?), it may have gone unnoticed by the majority of the audience it was meant for. So, for all of you who have a Twitter account, here's a quick recap.

According to Twitter, the reason they're recommending this change is because of a "bug that Twitter discovered that saved user passwords unprotected on an internal log."

Twitter Support Password Tweet"As a precaution, consider changing your password on all services where you've used this password," the company tweeted.

The company protects user passwords via a process called hashing, which shows random characters in place of the actual passwords. But the detected bug stored the passwords in their original plain-text form to an "internal log."

The company declined to comment on when the bug was discovered, how long it had been storing passwords in this manner and how many passwords were affected. But it reiterated "this is not a breach."

Twitter is prompting users to change their passwords via a pop-up window on the site that explains the nature of the bug and links to their Settings page.

Twitter Password Change Notice

If you use Twitter (or any social media site for that matter), it's a great practice to change your passwords on a recurring basis.  On top of that, and while you're at it, you should add another layer of protection by turning on Two Factor Authorization (2FA).  

As always, we recommend that you do the following for all apps and services:

  • Avoid reusing the same passwords across multiple services
  • Create strong, unique passwords
  • Consider using a passphrase instead of a password
  • Only sign in to your account from secure devices and always sign out if accessing on a non-personal device
  • Enable two-factor authorization whenever possible

On a related note, if you'd like to see how your company's security precautions stack up, please download our free Cyber Security Report Card and evaluate how you're doing.

As always, please feel free to share your thoughts and experiences in the comments section below or send me an email if you'd like to chat about this or any other cyber related issue more in-depth.

Cyber Security Report Card


Craig Pollack

Craig Pollack

Craig is the Founder & CEO of FPA Technology Services, Inc. Craig provides the strategy and direction for FPA, ensuring its clients, business owners, and key decision makers leverage technology as efficiently and effectively as possible. With over 25 years of experience building the preeminent IT Service Provider in the Southern California area, Craig is one of the area’s leading authorities on how small to mid-sized businesses can best secure and leverage their technology to achieve their business objectives.