Twitter asking users to change passwords following bug discovery

If you have an account on Twitter, the company is asking you to consider changing your password. A bug – which Twitter says has now been fixed, and wasn’t misused – prompted the company to issue this advisory.

We recently found a bug that stored passwords unmasked in an internal log. We fixed the bug and have no indication of a breach or misuse by anyone. As a precaution, consider changing your password on all services where youve used this password.

Twitter Support (@TwitterSupport) May 3, 2018

For those who are interested in details, Twitter uses hashing to mask users passwords, so that they get stored on their servers in form of a random set of numbers and letters, and not plain text.

However, the company says due to the bug, passwords were written to an internal log before completing the hashing process. Twitter says they spotted the bug themselves (presumably before anyone else did) and fixed everything.

We “are implementing plans to prevent this bug from happening again,” the company said in a blog post.