Twitter Password Change, YouTube Viewership — Tech Bytes

  • Twitter Password Change, YouTube Viewership — Tech Bytes

Twitter Password Change, YouTube Viewership — Tech Bytes

Twitter did not announce when this error occurred, nor how many passwords were discovered. According to the company, a software glitch stored those passwords unmasked in a log. The company says it found no signs of a breach or a misuse of those passwords by anyone. The company told users that it's "implementing plans to prevent this bug from happening again".

Twitter's CTO Parag Agrawal said.

Ilia Kolochenko, CEO of web security company High-Tech Bridge, wondered exactly how many passwords were stored in plaintext and for how long the Twitter bug persisted.

Twitter's chief executive believes that the company should be "open" about the newly found bug. Even Twitter suggests a few of these such as using a strong password and not reusing it elsewhere, enabling two-factor authentication, or even using a cloud-based password manager.

The total number of passwords included on the internal log listing is not known, presently.

"It's not something I'd lose any sleep over", Hunt says.

When you type in "password" at the Twitter log-in screen, what Twitter truly gets is that soup of letters and numbers; it differentiates it with the soup it cooked up and lets you in only if they match. Doing so increases the amount of information and accounts at risk should any of these passwords ever be compromised.

Twitter uses the bcrypt algorithm to hash passwords.

Ensure using a new and entirely unique password which is not directly related to the previous password.

Both MD5 and SHA1 are overly susceptible to brute-force cracking.

Limit the password to one site.

Twitter has made easy ways for changing the passwords.

Bcrypt is considered to be a more secure approach because password-cracking hardware rigs can't generate bcrypt hashes almost as quickly as they can MD5 and SHA1 hashes. However, the recently-discovered bug enabled passwords to be stored without fully completing the hashing process.

To Notify, Or Not To Notify?

They have also said that they have spotted the bug and fixed it instantly to protect the accounts of the users. "We recognize and appreciate the trust you place in us, and are committed to earning that trust every day", Twitter writes in the post.