Skip to main content
Information Security

Blog Posts

Change your Twitter Password

Twitter has discovered a bug that internally stored user passwords in plaintext and is urging users to change their passwords.

On May 3rd, Twitter disclosed that they have discovered a bug in their systems that had the potential to expose user passwords. Normally, companies never store your passwords in plaintext. Instead, they pass them through a hash function that replaces the password with a fixed-length random-looking string, and then stores that string. When you enter your password to log in, it is hashed again and compared to the stored hash. 

Twitter's bug saved users' passwords in plaintext to an internal log. Twitter says that it has corrected the mistake and has "no indication of a breach or misuse by anyone," but still urges users to change their passwords. 

In the wake of this and manymanymany other potential password exposures, make sure you change your Twitter password and the passwords of any accounts that used the same password of your Twitter account.