Twitter has recently launched a warning to all users encouraging us to change our account password because they have detected a security problem.
In this article from their official blog, they explain in some detail what has happened to them. In short, what has happened is that they have discovered by themselves that their users’ passwords were stored somewhere accessible to the members of the company without any protection.
A secure system is what keeps our passwords encrypted, i.e., transformed into a random series of numbers and letters that we cannot interpret. Only advanced computer decryption techniques allow us to compare those stored passwords with those we write, but no one can read them.
But due to some mistake in their working procedures those passwords were kept unencrypted and available, in principle, only to the company’s staff. But as “every precaution is too little” when we talk about the security of social networks as widespread as Twitter, the company itself has warned of the risk of leakage that has existed for these passwords and therefore recommends that we change them as soon as possible.
Our advice, by the way, is that we improve security, not only by changing the password, but by adding a higher level of security using two-step verification or double verification.
Changing your password
We can change the password both from the Web version and from the Twitter applications for mobile devices. Just go to the account settings and change it from the Password section:
Two-step verification
We have already talked about, on other occasions, of how important it is for the security of our most sensitive accounts to add two-step verification, double verification or simply verification. The way to refer to this security-enhancing method varies from one signature to another, but they all work in the same way.
If we activate this method, access to our account will require a double requirement: our password and a code that we will receive on our mobile phone. This way, even if someone comes to know our password, they will not be able to access it if they do not have our phone in their possession.
If we want, we can memorize for our trusted devices that they no longer ask for this code in future accesses. We can configure it like this during the first verified access, which will give us greater comfort.
In the case of Twitter, we can implement this second level of security from your account settings page, section Set up login verification. Just press the button and follow the instructions.
Logically, in order for the system to work, we must have registered a mobile phone number where we can receive the verification codes. If we have not already done so, we can register it from this page of Your Twitter data.