Twitter wants 336 million users to change their passwords

NEW DELHI: Twitter has urged its 336 million users to change their passwords after the company discovered a bug. The company announced on Thursday that even though it has since fixed the issue, "As a precaution, consider changing your password on all services where you've used this password,". Chief executive Jack Dorsey tweeted:

We recently discovered a bug where account passwords were being written to an internal log before completing a masking/hashing process. We’ve fixed, see no indication of breach or misuse, and believe it’s important for us to be open about this internal defect. https://t.co/BJezo7Gk00

— jack (@jack) May 3, 2018

He also said that "it's important for us to be open about this internal defect". It is to be noted that Twitter's chief technology officer Parag Agrawal had initially said the company did not have to reveal the information but believed it was the "right thing to do".

I should not have said we didn’t have to share. I have felt strongly that we should. My mistake. https://t.co/Cqbs1KiUWd

— Parag Agrawal (@paraga) May 3, 2018

Image: Flickr Twitter also assured that there is no evidence passwords have been leaked or misused, it is urging its users to update their passwords.

We recently found a bug that stored passwords unmasked in an internal log. We fixed the bug and have no indication of a breach or misuse by anyone. As a precaution, consider changing your password on all services where you’ve used this password. https://t.co/RyEDvQOTaZ

— Twitter Support (@TwitterSupport) May 3, 2018

The passwords on Twitter are protected via a process called hashing, which shows random characters in place of the actual passwords. But the detected bug stored the passwords in their original plain-text form to an "internal log."