Sunday July 22, 2018
Home Lead Story Twitter Asked...

Twitter Asked 336 Million Users to Change Password as it Has Detected a Bug

Twitter masks passwords through a process called hashing using a function known as bcrypt, which replaces the actual password with a random set of numbers and letters that are stored in Twitter's system.

0
//
16
Twitter in recent months has purged suspicious user accounts in a bid to prevent the dissemination of fake news
Twitter in recent months has purged suspicious user accounts in a bid to prevent the dissemination of fake news. Pixabay
Republish
Reprint

It is time to change your Twitter password now as the micro-blogging platform has asked its 336 million users to do so across its services after it discovered a bug that stored passwords in plain text in an internal system.

In a blog post on Thursday, Twitter said it recently identified a bug that stored passwords unmasked in an internal log.

“We have fixed the bug, and our investigation shows no indication of breach or misuse by anyone.

“Out of an abundance of caution, we ask that you consider changing your password on all services where you’ve used this password,” said Parag Agrawal, Chief Technology Officer at Twitter, adding that Twitter is sorry that this has happened.

“We recognise and appreciate the trust you place in us, and are committed to earning that trust every day,” he wrote.

Twitter masks passwords through a process called hashing using a function known as bcrypt, which replaces the actual password with a random set of numbers and letters that are stored in Twitter’s system.

"We found this error ourselves, removed the passwords, and are implementing plans to prevent this bug from happening again," Twitter said.
Representational Image, Pexels

“This allows our systems to validate your account credentials without revealing your password. This is an industry standard,” Agrawal noted.

Due to a bug, passwords were written to an internal log before completing the hashing process.

“We found this error ourselves, removed the passwords, and are implementing plans to prevent this bug from happening again,” Twitter said.

Agrawal advised people to change their passwords, enable two-factor authentication on their Twitter account and use a password manager to create strong, unique passwords on every service they use.

After the massive Facebook data scandal, a report in The Sunday Telegraph recently claimed that Twitter had also sold users’ data to a Cambridge Analytica (CA) researcher who collected the data of 87 million Facebook users without their knowledge — a charge that Twitter has denied.

Also Read: Google Assistant Can Now Connect to Over 5,000 Devices

According to the report, Twitter sold public data access “for one day” in 2015 to Aleksandr Kogan, then a psychology researcher with University of Cambridge, and his company Global Science Research (GSR).

In a statement given to IANS, Twitter said that based on the recent reports, they conducted their own internal review and did not find any access to private data about people who use Twitter.

Twitter reported a revenue of $665 million — an increase of 21 per cent year-over-year (yoy) — in the first quarter of 2018. (IANS)

Click here for reuse options!
Copyright 2018 NewsGram

Next Story

Tech Giants to join Data Transfer Project (DTP) To Help Users Manage Data

The Data Transfer Project uses services' existing APIs and authorisation mechanisms to access data. It then uses service specific adapters to transfer that data into a common format, and then back into the new service's API.

0
tech giants
According to Google, the project will let users "transfer data directly from one service to another, without needing to download and re-upload it". (Wikimedia Commons)

To help billions of users manage their data and help them transfer that into and out of online services without privacy issues, four tech giants — Facebook, Google, Microsoft and Twitter — on Friday announced to join the open source initiative called Data Transfer Project (DTP).

In the early stages at the moment, the Data Transfer Project will help users of one service to use their data to sign up for another service with encryption.

“Using your data from one service when you sign up for another still isn’t as easy as it should be. Today we’re excited to announce that we’re participating in the Data Transfer Project,” said Steve Satterfield, Privacy and Public Policy Director at Facebook in a statement.

The initiative comes at a time when data-sharing is making headlines — be it the massive Cambridge Analytica data scandal or third-party apps accessing users’ data at various platforms — amid countries announcing new data-protection laws like the European General Data Regulation Protection (GDPR).

Moving data between any two services can be complicated because every service is built differently and uses different types of data that may require unique privacy controls and settings.

“For example, you might use an app where you share photos publicly, a social networking app where you share updates with friends, and a fitness app for tracking your workouts,” said Satterfield.

tech giants
Moving data between any two services can be complicated because every service is built differently. Pixabay

“These are the kinds of issues the Data Transfer Project will tackle. The Project is in its early stages, and we hope more organisations and experts will get involved,” he added.

The Data Transfer Project uses services’ existing APIs and authorisation mechanisms to access data. It then uses service specific adapters to transfer that data into a common format, and then back into the new service’s API.

According to Google, the project will let users “transfer data directly from one service to another, without needing to download and re-upload it”.

The tech giants also released a white paper on this project.

“The future of portability will need to be more inclusive, flexible, and open. Our hope for this project is that it will enable a connection between any two public-facing product interfaces for importing and exporting data directly,” read the white paper.

According to Damien Kieran, Data Protection Officer at Twitter, right now, much of the online products and services we use do not interact with each other in a coherent and intuitive fashion.

“Information that is housed on one platform cannot be easily and securely transferred to other services. This is not a positive collective experience for the people who use our services and we are keen to work through some of the challenges as an industry,” Twitter said.

Also Read-Google, Facebook Have Been Using “Dark Patterns”: Report

The Data Transfer Project was formed in 2017 to create an open-source, service-to-service data portability platform so that all individuals across the web could easily move their data between online service providers whenever they want. (IANS)