Petteri Pyyny
4 May 2018 3:18
Twitter has found a bug in its systems that logged users' passwords in plain text format to its log files. As web services should never store passwords in human-readable format, but instead, use "hashed with salt" approach to store them, the finding is significant.
Now Twitter asks all its users to change their passwords as soon as possible. According to Twitter, there are no signs whatsoever that the passwords have actually leaked, but as such a possibility cannot be totally ruled out, it is recommended to change the passwords.
Obviously the problem is even worse if user uses the same email address / password combination on other services. Nowadays users are strongly urged to use unique passwords for all different services, but as people are lazy, it is still very common to use same login details across many services.
In such a case, one should change passwords on all such web sites and services.
We encourage users to use password managers - they'll recommend good passwords for you and will also remember all your passwords and keep them in strongly encrypted password lockers. One good (and free) such tool is KeePass.