Twitter has stored an unencrypted password with more than three hundred million passwords. Although it has probably not been abused, the company advises all its users to change their password.
Customize Twitter password: that’s how it works
The passwords of all 336 million users were stored in an internal log file on Twitter without encryption, as the company admitted in a blog post. According to Twitter, the log file was only visible to employees, and as far as is known, the data was not (yet) misused.
Typically, passwords are stored encrypted by online services, as so-called ‘hash’. Your password will then be converted into a long series of numbers and letters, which can not be decrypted by employees of the company or malicious parties trying to intercept your password. In the log file of Twitter, however, the passwords were not stored as the hash, but as plain text.
The company, therefore, advises all its users to change their Twitter password. Fortunately, that is quite easy, via the Twitter app on your smartphone.
- Open the Twitter app, and open the side menu by clicking on your profile photo in the upper left corner;
- Select ‘Settings and privacy’;
- Select ‘Account’;
- Select ‘Password’;
- Then enter your old password and twice a new password to adjust it.
Extra safe: use a password manager
If you use the same password for multiple sites, we recommend that you also change the password on those sites for certainty. With a password manager, for example, you can easily generate strong, random passwords for all sites, which are then stored securely in your personal, virtual safe.