How Did the 2018 Twitter Password Hack Work

Recently, there was a huge scandal involving Twitter and the masses. When a password incident happened, the bug exposed too many passwords to various twitter accounts in plaintext to whoever knew where to look. Twitter first found out about the unfortunate software glitch, and they then urged all of their users, as many as 330 million, to change their passwords as soon as possible. Knowing what happened to Twitter’s software can help you understand how this Twitter password hack happened earlier this month. Here is everything you need to know.


The Initial Problem

Twitter first announced the issue through a series of tweets and blog posts that were sent directly from Twitter’s support system to users of the social media site. The initial problem was a software glitch that took the passwords of all users, putting them into a readable text document on the internal computer system of Twitter’s headquarters. The millions of users are at risk of having their password stolen by hackers which can break into accounts and get personal information and more. The initial problem is being handled as well as it possibly can by the staff at Twitter Support. They are even sending out notifications to users, begging them to change their passwords for better protection of their account and information.




How It’s Supposed to Work

The original system is supposed to be secure. In fact, the system is supposed to securely store the passwords in such a way that even the Twitter employees cannot see the passwords. The system uses something called bcrypt, which employs a random set of letters and numbers to store the passwords within the system. In this way, the credentials like the password are stored in the system without being easy to crack. The passwords stay secure due to the randomness of the letter and number combinations, and the users can keep their information safe. This is all well and good until something like the data breach happens.

What Went Wrong

The data breach was the direct results of a software bug within the security system that resulted in each password being written in the internal log just before the hashing process of the system was completed. This is just a bunch of words to say that the passwords were open and exposed on the internal system of the company. The breach was luckily caught early, and the Twitter support staff has mentioned that the problem has been resolved. There was also no indication that the passwords were taken or misused by any of the insiders who knew about the breach. Despite this encouraging information, Twitter is still urging their members to take a few minutes and change their password. Regardless of whether the passwords were stolen during the breach, the safety issue is still there. Twitter wants to keep their users protected, and thus, they are pleading with users to change their passwords now just to play it safe.



Resetting Your Password

Since Twitter is asking their users to change their passwords, many people are lost on how to do just that. Changing your password is a fairly simple process. First, you will need to go to your Twitter account on a computer. Next, click on your profile picture that is in the top-right corner of your screen. Find the “settings” location, and there you will see a “privacy” location. Next, find the password location and select it. From here, you can change your password by typing in your current password and creating a new one with stronger credentials.

If you are trying to change your password through your smartphone or tablet application, you will need to select the Twitter application for either iOS or Android. Once it has loaded, select your profile picture icon, which should be in the top-left hand corner of your screen. Find the “settings and privacy” location, select the “account” location, and find the area that reads “change password.” On Android devices, the area will simply read “password.” From here, you can change your password by creating a stronger password using capital letters, numbers, and a variety of combinations until your password is strong.

Another tip for changing your Twitter password is by changing any other services that you have used that same password to log in to. Twitter also has something called two-factor authentication, which makes it more secure for users and avoids a hijacking of the account by unauthorized users.




The 2018 Twitter password hack was not the best thing for the social media service. Even though they were able to catch this mistake early, they still had a breach in security, which has alerted users and personnel alike. The Twitter Support staff are urging Twitter users to change their password as soon as possible just as a security precaution. While the issue has been resolved, the breach of information still stands out for the company right now, leaving many people hesitant. The best way to avoid this happening again is by creating a stronger password than before and changing your passwords that are alike on different services. Not only will your personal information be safe, but you can rest assured that Twitter is doing everything in their power to prevent a password breach of this nature from happening again.


bio pic -james-gorski

About The Author:

James Gorski

In addition to being the editor at designrfix and writing about tech, web and graphic design among other subjects, I love “unplug” and be outdoors hiking and enjoying nature. If you can’t reach me, it’s probably because where I am at doesn’t have cell phone reception.



About the Author


Hi All, I'm Nicola and I am part of the EuroSTAR team. I enjoy outdoor activities and martial arts, it's fun! I joined EuroSTAR in 2018 and am excited to meet new people every year during the conferences. Tester Friends are for life :)
Find out more about @nicolag

Leave a Reply