You Better Reset Your Twitter Password

DooKey

[H]F Junkie
Joined
Apr 25, 2001
Messages
8,304
Just a couple of days ago we posted news of GitHub leaving some of passwords in plain text within the internal logging system. Guess what? It has happened again and Twitter is the culprit. According to a blog post explaining things they say that a bug left passwords in plain text within the logging system before the passwords were hashed. Supposedly there hasn't been any sign of malicious use of these passwords, however, they recommend you change your password just in case.

Due to a bug, passwords were written to an internal log before completing the hashing process. We found this error ourselves, removed the passwords, and are implementing plans to prevent this bug from happening again.
 

Pieter3dnow

Supreme [H]ardness
Joined
Jul 29, 2009
Messages
6,789
So here is my problem with the whole renew passwords idea. Did they make sure that since they got to the server there are not any back doors active, which would make changing your passwords useless ;) .

I thought everyone uses encryption these days storing passwords for the last 10+ years or so.
 

magoo

[H]F Junkie
Joined
Oct 21, 2004
Messages
14,371
So, here's a news flash.......don't use this shit and you're fine.

Never had an account and never will.
Same for Facebook (unless they start that dating service.......that seems soooooooooo cool........) Not........
 

Ur_Mom

I'm Not Serious
Joined
May 15, 2006
Messages
20,070
I thought everyone uses encryption these days storing passwords for the last 10+ years or so.
Stored, yes. They set up logging on some authentication part, which had the passwords sent and stored in plain text... No indications of compromise yet, AFAIK.

I reset mine. Twitter makes for a good news feed if you follow the right people (I have some that are news worthy and others that are just a bunch of political BS, but still have some relevant content from time to time). Plus, [H] does automatic Twitter posts, I believe. Not that I miss anything on the front page, anyway. It's a page I visit multiple times a day.
 

Nolan7689

[H]ard|Gawd
Joined
Jun 5, 2015
Messages
1,525
Man, I don’t even know my password or use the damn service. They can have it maybe they’ll make me popular.
 

ZLoth

Gawd
Joined
Apr 13, 2010
Messages
854
Done. I have changed my password from InW37rTre9 to 9y&)0L4[=*oH=[0B;Ncf:~u<-8(r;Ql9^jF5T@KFQjCpK30dM17t6w{sj%%i (or was it =Kwb2t$7O@s*;):B!&vJsTw+tD5,wIA,OmOO|-C:A'oad$[H*OxM9,Bs?:*M). Hopefully, that's strong enough. I have also set up two-factor authentication.
 

Mike89

Gawd
Joined
Jan 27, 2003
Messages
702
I don't give a shit, I don't tweet (and never will) anyway. I do it the old fashioned way. I stick my head out the window and yell "fuck off" to all my neighbors.
 

Pieter3dnow

Supreme [H]ardness
Joined
Jul 29, 2009
Messages
6,789
I don't give a shit, I don't tweet (and never will) anyway. I do it the old fashioned way. I stick my head out the window and yell "fuck off" to all my neighbors.
When you sometimes have some trouble with certain companies which like their public profile online important they tend to be more forthcoming then when directly communicating (phone or email).
 

RPGWiZaRD

[H]ard|Gawd
Joined
Jan 24, 2009
Messages
1,076
Deleted my Twitter account long ago, didn't get any use so. It's just Trump keeping the stuff relevant.
 
Top