Twitter pushes out mandatory password resets

Twitter has rolled out a mandatory password reset to a number of its users whom it suspected of having compromised accounts. The push involves a number of accounts that experienced a "sudden surge" in followers.

The microblogging network said in a blog post that it investigated the phenomenon further, and discovered "a high correlation between folks who have used third party forums and download sites and folks who were on our list of possibly affected accounts". In almost every case, the same email address and password were being used.

It appears that someone has been creating torrent sites and accompanying forums, then selling them to people who want to make cash off advertising alongside the downloads. However, the original coder left in backdoors that allowed them to access the login details of everyone who signed up for a site. If a user had reused those details on other sites, their accounts on those sites would be compromised too.

Twitter links to its page on account security, and back in October we gave you some tips for creating a strong password too. Best practice is to always use a different password for each site, and to keep those passwords safe in a secure password manager application. That should keep you safer than most.

 


