The passwords of millions of Twitter users could be compromisedThe company announced that a database error had left them exposed and urged users to change their passwords.
Passwords saved in plain text: this has been the Twitter error
Twitter announced a few hours ago that an error may have compromised the passwords of more than 300 million usersAn error in their database had caused the keys to be stored in plane text and not in an encrypted form, which left them accessible to anyone who accessed the Twitter system.
The platform typically uses a system of hash and encryption The system was designed to store passwords securely, so that even if someone gained access to the database, they couldn't read them directly. However, a flaw caused some passwords to be written to an internal log exactly as entered by the user, without any additional protection, before this process was completed.
They assure that there are no signs of unauthorized access and that, although the error had been present for months, it has now been fixed. However, due to a matter of basic securityThey encourage users to change their password on Twitter and on all services with which the password was shared.
This type of incident highlights how important it is do not reuse passwords between services. If you use the same password for Twitter and your email, for example, a single security breach could allow an attacker to access several of your profiles. That's why it's recommended to use different and strong passwords on each website or application and, if you wish, sync your passwordsand update them periodically.
How to change Twitter password from Android
If you have opened the application in the last few hours, it is likely that you have seen a notice informing you of this that we have just told you. If so, a button will offer you to go directly to the Configuration to change your password, which makes the process much easier in just a few taps.
If you don't tap it directly, tap on your profile picture from the top left and enter Settings and privacy. Then enter Account and in PasswordYou will need to enter your current password and then a new password twice in their respective fields to confirm that you have typed it correctly.
When choosing your new password, try to make it a secure and easy to remember passwordAvoid personal information like your name or date of birth, and combine letters, numbers, and symbols. It's preferable to use a uncommon long phrase (for example, a combination of several words with no apparent meaning to others) than a short string with obvious substitutions of letters for numbers.
Remember not to reuse passwords from one service to another. A security breach on one website can expose your data and grant access to any other account where you use the same password. Changing your Twitter password is a first step, but the real leap in security comes when each service has its own password. unique password.
How to activate two-step verification on Twitter for Android
Once this is done, it's best Activate login verificationeither via SMS or using third-party accounts like Google Authenticator or other security apps. Tap on your profile picture in the top left and enter Settings and privacy. Then enter Account and in Security.
You will see a box of Login verification that you must mark to activate. You will have to enter your password and then it will be a matter of choosing your preferred method. Under the category of Verification methods you will have the two options that we have discussed. If you choose Text messagingIt will be faster, but less secure because SMS messages are not encrypted and are more vulnerable to attacks such as SIM swapping.
If you choose Device security appIt will detect which apps you have installed so you can choose your preferred one. It's a more secure method, but also more cumbersome when transferring passwords from one phone to another, since you'll have to reconfigure the authentication apps on your new device.
In addition to these methods, Twitter allows you to further strengthen security by activating the option to password reset protectionThis way, when someone tries to change or recover your password, they will have to confirm additional information such as your email address or associated phone number, making it harder for an attacker to hijack your account.
In any case, we strongly recommend that you activate at least one of these two-step authentication methods. You'll have greater security and peace of mind, since no one will be able to log into your account without it. extra code requiredCombined with a strong, unique password, this drastically reduces the chances of your profile being stolen or used without your authorization.
Additional best practices to improve your account security
Beyond changing your password and enabling two-step verification, Twitter offers other options for Keep your account secure and away from intrudersOne of the most useful is to review the connected applicationsFrom the account security and access section, you can see which third-party services are allowed to use your profile.
From time to time it's a good idea to review that list and click on Revoke access in any app you no longer use or don't recognize. This prevents old or unreliable tools from continuing to have permission to read your information or even post on your behalf.
Another recommended step is to check the recent loginsTwitter displays an access history with information such as approximate location and device type. If you detect connections from places you don't recognize or from apps you don't use, it could be a sign that someone is using your account without permission.
In that case, change your password as soon as possible, activate or strengthen two-step verification, and review all open sessions. Log out of your Twitter account on AndroidWith those measures, even if someone has managed to get in, You will no longer be able to access once you update your password and security settings.
If you follow these steps, you will use strong and unique passwordsBy activating two-step authentication and regularly checking access and connected applications, your Twitter account will be much better protected against internal platform errors and external attacks, and you can continue using the social network with much more peace of mind.
