The Twitter Bug, and what it means for you.
Pretty good headline, huh? Disclaimer: I’m not a security expert, but I used to work for a large technology company that talked a lot about cyber security.
Some of us use the same password for everything—it’s easier to remember that way. Maybe you worked hard to create a strong, easy-to-remember password like Gh0stBullyismyF4vBook100%. Phrases like that are great (better than a password of, say, password). In fact, it’s exactly how you want to think about passwords, so you have a better chance at avoiding bots that are good at guessing those types of things. However, the problem with having one password for everything is that once someone figures it out, they might be able to get into all your other accounts as well.
This week Twitter realized that every user’s password was written into an internal log before completing a masking/hashing process. Meaning that if you knew where to look, you’d see usernames and passwords instead of ####$@$%@#$% or something to that effect. They don’t have an indication that there was a breach, but they’re letting us all know just in case someone else figured it out first or would have … because … of course they would have.
What does this mean?
When a hack occurs, someone or a group of someones figures out how to hack a database. They may know that user: Gh0stBully logs in with the email of BestBookEvarrr@madeupemailserver.com and uses the password: J0n4hSoC00l
Now, they can run a script that tries to log into Facebook, Insta, Twitter … your bank … log in, change the password, and presto-change-O, they’re now you for all intents and purposes. That works because a lot of people don’t just use the same password for everything; they often use the same email address as well.
Furthermore, it’s not just big companies like Yahoo, Google, or Twitter that get hacked. It could be your favorite blog about, and now your info is out there on the dark web (spooky sounding, right?) for all to see, which is why it’s crucial to have a different password for every site.
But how, you say—how in the world could I ever remember all the passwords?
You can’t, probably.
I can’t anyway, so I use a password manager called LastPass. There are a bunch out there, so do your research, but for like thirteen bucks a year, I get super-secure, unique passwords for each site, so I don’t have to freak out if one gets hacked. I just change the password for that site and move on with my morning. Maybe peruse my favorite donut blog, I don’t know.
Password managers take some work to set up initially as you go around and load your sites and create new passwords for them all, but afterward, they’ll make your life a lot easier. Just remember to change your password for the password manager periodically … and don’t write it down on a Post-it and put it on your computer monitor (people really do this)!
TL;DR (Too long; didn’t read)
Twitter found a bug in their system. Change your password and take a look at a password manager if you haven’t already.
Back to dumb jokes and writing tips next week.