Online services obviously need a way to store the passwords of its users, but those saved passwords obviously need to be protected as well in case a hacker got to the list. Usually this kind of information is kept masked/encrypted, but unfortunately in Twitter’s case, a bug might have led to passwords being unmasked.The company has recently issued a security notice in which they are encouraging Twitter users to update their passwords. “When you set a password for your Twitter account, we use technology that masks it so no one at the company can see it. We recently identified a bug that stored passwords unmasked in an internal log. We have fixed the bug, and our investigation shows no indication of breach or misuse by anyone.”
We recently found a bug that stored passwords unmasked in an internal log. We fixed the bug and have no indication of a breach or misuse by anyone. As a precaution, consider changing your password on all services where you’ve used this password. https://t.co/RyEDvQOTaZ
— Twitter Support (@TwitterSupport) May 3, 2018
It should be noted that Twitter’s systems have not been breached or hacked in any way. Instead the company has stated that this bug was found by them and that they are asking users to update their passwords as a precautionary measure. Users don’t have to change it if they don’t want to, but it can never hurt to be too careful.
Twitter has also taken this opportunity to encourage users to enable additional security measures such as two-factor authentication. The company also apologized for the mishap, “We are very sorry this happened. We recognize and appreciate the trust you place in us, and are committed to earning that trust every day.”