Twitter is advising all its 330 million users to immediately change their passwords. The announcement was just made after bug exposed them in plain text. Though there is no evidence of any breach or misuse of any account information, but you should change your Twitter password anyway.

We are sharing this information to help people make an informed decision about their account security. We didn’t have to, but believe it’s the right thing to do. https://t.co/yVKOqnlITA

— Parag Agrawal (@paraga) May 3, 2018

Twitter’s investigation in this matter revealed that there was no evidence that any breach or misuse of the unmasked passwords.  Then also, it is being recommended by Twitter that users should change their Twitter passwords as a precaution measure. Apart from changing the password on site, users should also change their anywhere they may have used that password. This includes third-party apps like Twitterrific and TweetDeck.

According to Twitter,

“We mask passwords through a process called hashing using a function known as bcrypt, which replaces the actual password with a random set of numbers and letters that are stored in Twitter’s system. This allows our systems to validate your account credentials without revealing your password. This is an industry standard.  

 Due to a bug, passwords were written to an internal log before completing the hashing process. We found this error ourselves, removed the passwords, and are implementing plans to prevent this bug from happening again.”

Twitter have confirmed that no users’ passwords have potentially been compromised but it didn’t revealed that how long the bug was exposing passwords before it found and fixed the issue. But the fact that the company is asking its entire user base to change their passwords indicates that it may to be a significant number of users.

Here are a few steps you can take to keep your Twitter account safe:

1. Change your password on Twitter and on any other service where you may have used the same password.

2. Use a strong password and make sure you don’t use reuse the same password on other websites.

3. Enable login verification, also known as two factor authentication for your Twitter account. This is the single best action you can take to increase your account security.

4. Use a password manager to make sure you’re using strong, unique passwords everywhere.