Out of what it called an “abundance of caution,” Twitter advised all of its 330 million users Thursday to reset their passwords after it said it “found a bug that stored passwords unmasked in an internal log.” While never good news, scenarios like these are important reminders that strong (and differentiated!) passwords are a critical part of online security.
“Due to a bug, passwords were written to an internal log before completing the hashing process,” the company said in a Wednesday email to its users. “We found this error ourselves, removed the passwords, and are implementing plans to prevent this bug from happening again.” While Twitter said it had “no reason to believe password information ever left Twitter’s systems or was misused by anyone,” the social media platform also asked users to consider changing their passwords.
So what’s the best way to go about that?
Identify Similar Passwords on Other Platforms
You may have heard this before, and at the expense of sounding like your nagging mom, please do not make your passwords similar — literally for this exact reason! Using similar or the same passwords across platforms and websites is a sure-fire way to jeopardize your security and make your information especially susceptible to hackers.
If you do have similar passwords across platforms, identify and change them immediately.
Ensure That All Passwords Are Strong
Ensuring that each of your passwords is unique is important, but making sure they’re strong is equally crucial. Do not use familiar names or dates such as your own name, pet’s name, partner or child’s name, or dates affiliated with any of those or other obvious players. In fact, refusing to use words or names at all is key, and symbols and numbers only help strengthen passwords overall.
Use a password generator to help create unique passwords at least 8 characters long with the aforementioned elements for each and every online account you manage. If managing these passwords sounds like a nightmare, fear not! Platforms like LastPass and 1Password do exactly that and are recommended for anyone looking to up their online security game.
Always Use Two-Factor Authentication Tools Where Possible
Twitter recommends this for its own platform, but it’s also a great way to protect your email, bank account, and other important information. If this is a service that is available to you (and it is across most social media accounts), absolutely activate it. As Twitter notes in its email about ensuring security across user accounts, two-factor authentication “is the single best action you can take to increase your account security.”
Now go forth and secure your dang passwords!