Twitter advises 330 million users to change password after internal glitch

PESHAWAR: Popular social networking website Twitter has urged its 330 million users to change their passwords due to a software issue.

The users have been advised to change passwords as a precaution because they had been unintentionally “unmasked” inside the company by a software bug. Twitter says it has fixed the issue and there is no indication of misuse or any privacy breach.

Media reports said the bug was identified few weeks ago and the regulator was informed in this regard.

“We recently found a bug that stored passwords unmasked in an internal log. We fixed the bug and have no indication of a breach or misuse by anyone. As a precaution, consider changing your password on all services where you’ve used this password,” an official Twitter message reads.

The issue appeared through a bug in Twitter’s password hashing. It’s a standard security practice for companies to encrypt passwords to store on its internal servers. Twitter said it stored encrypted passwords using a hashing algorithm called bcrypt. But the social network had stored the password in plain-text before it was encrypted. Twitter said this happened because of a bug.

The San Francisco-based internet company said it was implementing plans to prevent this bug from happening again.