An internal “bug” left millions of Twitter passwords potentially exposed for months in a plain text file, the company revealed, as it urged hundreds of millions of users to change their passwords as a precaution. Twitter is supposed to “hash” passwords, using a process called “bcrypt,” before they are stored internally, so the actual passwords are masked for security. A bug caused the passwords to be written down in an internal log before the hashing process was complete, Twitter’s chief technology officer Parag Agrawal wrote in a blog post on Thursday.
No comments:
Post a Comment