Twitter on Thursday in its blog post has requested its users to immediately change their account passwords since the company had discovered an internal bug within the systems which has put passwords of millions of Twitter users at risk.
The passwords of user’s has now been kept in plain text which is generally not the case. This has happened due to an internal bug in the company’s systems which are designed to encrypt user passwords.
The passwords go through a hashing process which uses a function known as bcrypt which replaces the actual password with random characters which are stored in the systems of the company. But in this case the passwords were stored in the systems in plain text before going through the hashing process.
However the social media site also confirmed that the passwords were mainly exposed to some of their employees and that users need not worry about their data, which remains safe.
The company has advised all its Twitter users to immediately go through the process of resetting the password. The password need to be reset on all the services which have been logged in via Twitter account.
Twitter has over 330 million users across the globe and all the passwords are saved with random characters on the systems. As a precautionary measure the company wants its users to change their passwords.
The bug which occurred has reportedly been fixed and there has been no breach of passwords. Since the passwords were mainly exposed to the company’s employees there was not much of a worry.
Still it is advisable for users to reset their passwords with a new one since the new passwords are saved in the system after going through the hashing process.
For the benefit of users, opening the Twitter app will now show a pop up screen asking users to change their passwords by going to Settings and privacy. You would need to “Go to the password” section and change the password by inputting a new password.
You can also log in to twitter.com to make changes to your password. After changing the password, users’ are advised to also enable two factor authentication to protect their account with dual password protection. To enable two factor authentication, you would need to go to Account Settings>Security>Login verification.