CYBER NEWS

Change Your Twitter Passwords Now, Security Bug Revealed

Twitter image

Twitter announced a critical security bug that has been identified in the service and is now prompting users to change their passwords. The problem lies in the way the account login passwords are stored in the internal database.

Change Your Twitter Passwords Now! The security bug is rated critical

Twitter as one of the foremost social networks is certainly one of the largest gatherings of users and their credentials. It has caused massive uproar among the security community and the general public when it announced a few hours ago that a dangerous security bug has been identified. The news broke when users attempted to login to their accounts and were presented with a message prompting them to change their passwords. The development team posted about this issue in an official post as well.

It appears that a problem was found in the way the passwords are stored. The team found out that an issue with their system allowed passwords to be stored without being “masked” properly. Masking refers to the way sensitive information are stored in an internal database. The usual route is to manipulate the strings using a special “hashing” algorithm that changes them into a random mix of letters and numbers. This is used in order to protect them from the company employees themselves. During an evaluation the team discovered that this step was not being executed in the proper way. As a result many passwords were stored in an internal log file and the actual hashing algorithm was not being launched by the storage services. Twitter state that they have fixed the issue and so far there are no reported cases of abuse.

Related Story: Twitter Gave Access to Researcher Related to Cambridge Analytica

Following standard security practices the service has issued a warning to all of their users to change their passwords and revoke the strings if they are used with other Internet services. To ensure that no unauthorized attempts are made to the user accounts the Twitter staff also recommend that two-factor authentication is enabled. For easier management of strong credentials computer users can also employ password manager software.

Such incidents can lead to serious accounts abuse if there are any traces left of the passwords in backups or archives. The chances of them being accessed by malware actors remain slim as they are usually placed in different locations following security standards.

Avatar

Martin Beltov

Martin graduated with a degree in Publishing from Sofia University. As a cyber security enthusiast he enjoys writing about the latest threats and mechanisms of intrusion.

More Posts

Follow Me:
Twitter

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...