In a statement, Twitter urged users to change their passwords after disclosing “Due to a bug, passwords were written to an internal log before completing the hashing process.” Hashing replaces the actual password with a version that can’t be read by a human being. The company said that it has “fixed the bug, and our investigation shows no indication of breach or misuse by anyone.”
The company offers the following password advice:
- Change your password on Twitter and on any other service where you may have used the same password.
- Use a strong password that you don’t reuse on other websites.
- Enable login verification, also known as two factor authentication. This is the single best action you can take to increase your account security.
- Use a password manager to make sure you’re using strong, unique passwords everywhere.
You’ll find more advice at ConnectSafely’s Tips for Strong, Secure Passwords & Other Authentication Tools.