Popular social media firm Twitter on May 3 detected a bug in its system that has compromised more than 336 million users' password. The company has announced that it has fixed the issue, but as a precautionary measure, Twitter users are advised to change their passcode and if they have used same for other online services, that too should be reworked.
"We recently found a bug that stored passwords unmasked in an internal log. We fixed the bug and have no indication of a breach or misuse by anyone. As a precaution, consider changing your password on all services where you've used this password," Twitter Support team said in a statement.
How the bug got detected on Twitter?
Like other social media and technology companies, Twitter too uses the 'Hashing' technique to mask the password in the website's internal database system. For those unaware, Hashing uses a function known as bcrypt, which replaces the actual password with a random set of numbers and letters that are stored in Twitter's system. This allows systems to validate account credentials without revealing passwords.
But, Twitter recently found a bug in its system that copied passwords to an internal log before completing the hashing process. Now, this has been fixed.
Tips on how to maintain a strong security for your social media account:
- Always use a strong password with a good mix of numbers, alphabets and special characters, longer the better
- If you are having trouble remembering long and multiple passcodes, install a password manager
- Never use the same password for multiple accounts
- Enable two-step authentication system on your social media account. Once enabled, you will need both your password and your mobile phone to log in to your account. Also, whenever you log in from a new system, it will notify you on mobile/email, whether it was you or anybody else
- Always log-off from social media accounts while using PCs, be it your personal one or your friends
