wordpress blog stats
Connect with us

Hi, what are you looking for?

Twitter asks all users to change passwords after it discovers glitch


Twitter is urging its more than 330 million users to change their passwords after the company discovered a glitch that caused some of them to be stored in plain readable text on its internal computer system rather than being obscured by a process known as “hashing”, as is standard practice. While Twitter says its investigation showed that there was no evidence that any breach or misuse of the unmasked passwords occurred, the company is recommending that users change their passwords out of an “abundance of caution,” both on the site itself and any other website or service where they use the same password.

According to the company’s blog, the bug occurred due to an issue in the hashing process that masks passwords by replacing them with a random string of characters that get stored on Twitter’s system. But due to an error with the system, apparently, passwords were being saved in plain text to an internal log, instead of masking them with the hashing process. Twitter claims to have found the bug on its own and removed the unhashed passwords. The blog did not say how many passwords were affected. Reuters reported that a person familiar with the company’s response said the number was “substantial” and that they were exposed for “several months.” Twitter discovered the bug a few weeks ago and has reported it to some regulators, the Reuters report added.

Mishandling user data

The disclosure by the company comes at a time where regulators and lawmakers around the world are scrutinizing digital platform on the ways they handle user data, especially following revelations that Facebook (Twitter’s biggest competitor) failed to stop a third party political consulting firm, Cambridge Analytica, from accessing data from 87 million users without their consent.

The European Union is due later this month to start enforcing a strict new privacy law, the General Data Protection Regulation, that includes steep fees for violators. The US Federal Trade Commission, which investigates companies accused of deceptive practices related to data security, had settled with Twitter in 2010 over accusations the site had “serious lapses” in data security that let hackers access private user data on two occasions. The settlement called for audits of Twitter’s data security program every other year for 10 years.

Should you change your password?

Yes, you probably should. Twitter states that your passwords have not been inappropriately accessed, the company is asking users to ‘consider’ changing their passwords rather than enforcing them to do so which may happen in case of a breach. But it is advisable to change passwords to not fall victim to any possible leak of this unhashed password database that Twitter has not discovered. Another essential action that most users should take is set up Two-Factor Authentication which is available to all Twitter users, this will keep you secure even if your password is improperly accessed by others. Many users chose to have the same passwords across multiple services and platforms (something I have been guilty of before) therefore if you are changing your Twitter password it is recommended that you do the same on all other platforms that share the same password.

Advertisement. Scroll to continue reading.

Written By

Writes about consumer technology, social media, digital services and tech policy. Is a gadget freak, gamer and Star Wars nerd.

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.



While the market reality of popular crypto-assets like Bitcoin may undergo little change, the same can't be said for stablecoins.


Bringing transactions related to crypto-assets within the tax net could make matters less fuzzy.


Loopholes in FEMA and the decentralised nature of crypto-assets point to a need for effective regulations.


The need of the hour is for lawmakers to understand the systems that are amplifying harmful content.


For drone delivery to become a reality, a permissive regulatory regime is a prerequisite.

You May Also Like


Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...


135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...


Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...


By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Your email address:*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ