You need to change your Twitter password.
Due to a “bug” in its system, some 330 million Twitter users’ passwords may have been temporarily exposed, CTO Parag Agrawal announced on the official Twitter blog Thursday afternoon.
Twitter says it corrected the error in its system, which left passwords viewable in plaintext rather than properly scrambled, but it is still urging all users to change their password.
Agrawal explained the snafu in the blog post, writing that although Twitter protocol is to use hashing to mask passwords, a “bug” caused users’ to be “written to an internal log before completing the hashing process.” This internal log is not encrypted, and the data, unprotected by hashing, was temporarily exposed.
Bottom line: Go change your password. Now.
To change your password via Twitter’s website, click on your profile picture icon near the top-right corner > Settings and Privacy > Password. Enter your current (now-exposed) password, and enter in a new, stronger password. If you’re not sure how to create a strong password, read this first.
On iOS and Android, click your profile picture icon in the top-left > Settings and Privacy > Account > Password (or, on iOS, “Change password”), and go through the password-change process explained above.