Twitter today asked all of its users to consider changing their passwords after discovering a bug that caused them to be stored "unmasked in an internal log."
According to Twitter, the bug has been corrected and it has seen "no indication of breach or misuse by anyone" after an investigation.
The bug itself is related to the hashing function Twitter uses to mask passwords. Twitter says passwords were written to an internal log before the hashing process was completed, leaving them exposed. From Twitter:
We mask passwords through a process called hashing using a function known as bcrypt, which replaces the actual password with a random set of numbers and letters that are stored in Twitter's system. This allows our systems to validate your account credentials without revealing your password. This is an industry standard.
Due to a bug, passwords were written to an internal log before completing the hashing process. We found this error ourselves, removed the passwords, and are implementing plans to prevent this bug from happening again.
Out of caution, Twitter users should reset their password for the service, as well as those for any services using the same password. Now would also be a good time to start using two-factor authentication if you aren't already.
How to change your Twitter password
We're going to see tons of game delays this year and that's OK
We'll be seeing a lot of games delayed throughout 2021, more than were delayed in 2020. Right now, you should only depend on playing things that were originally supposed to release last year. Here's why that's OK.
AMD's Radeon RX 6000 GPUs have arrived. Here's where to find them.
AMD's Radeon RX 6000 GPUs aren't easy to find, and you might be wondering which models are available where. Check out the retailers and models you can expect to buy when stock normalizes.
These are the biggest PC announcements from CES 2021
CES 2021 was different in that it wasn't held at a physical location. Instead, companies relied on press kits and virtual presentations to showcase all the new products. We've rounded up the best PC-related announcements in case you happened to miss the show.
Get off WhatsApp with these other secure messenger apps
Don't agree with the new terms of service WhatsApp has recently laid out? Don't want Facebook snooping around your business? There are other intuitive messenger services that uphold your privacy, and they're collected right here.