Twitter is suggesting all users change their passwords after the company found a bug that caused passwords to be stored without normal security encryption.
In an online blog post, the social network announced Thursday that it did not find any breach or misuse of the passwords and that the problem has been resolved. However, it recommended users change their passwords "out of an abundance of caution."
Stored passwords are typically masked using an industry-standard process called "hashing," Twitter said. Hashing replaces passwords with randomized numbers and letters and allows Twitter to confirm users' credentials without exposing their actual password, the company said.
Twitter said it discovered a bug that caused passwords to be written in an internal log before they were hashed. It found the error, removed the passwords and says it is working to prevent the problem from happening again.
"We are very sorry this happened. We recognize and appreciate the trust you place in us, and are committed to earning that trust every day," Twitter said.
We recently found a bug that stored passwords unmasked in an internal log. We fixed the bug and have no indication of a breach or misuse by anyone. As a precaution, consider changing your password on all services where you’ve used this password. https://t.co/RyEDvQOTaZ— Twitter Support (@TwitterSupport) May 3, 2018
To change your password, go to "settings and privacy," and then "password."