Just as the new month began, Twitter users received bad news when Twitter announced on its official blog that around 250,000 Twitter accounts had been compromised. The attack appeared to be a sophisticated, planned attempt to take on Twitter. This is the 3rd major security breach within the last two weeks, the first and second being the New York Times and Wall Street Journal breaches.
There isn't much to worry about, though: once Twitter detected an unusual account access pattern, it shut down the process just moments after it was launched, rescuing millions of tweeters.
Those whose accounts were compromised also have less to worry about, as their passwords have been reset and the main email account associated with each Twitter account has been sent a notification asking for a new password.
The scenario is much worse for people who keep one single password for all their online properties, such as email accounts and other social network accounts. Hence it is best to keep a separate password for each online account, so that even if one account gets into the wrong hands, the others will stay safe.
The attackers had access to usernames, email addresses, session tokens and encrypted/salted versions of passwords for these 250,000 accounts, and that in itself is a huge risk. The stolen data can be used to build databases and password lists.
Furthermore, if a compromised user, when asked to change his password, sets his old password again, then the whole point of a password reset becomes invalid. I am not sure if Twitter allows using an old password again, but in my opinion, if they do, it can pose a huge risk.
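One way a service can close that gap, shown as an added example that is not Twitter's code or part of the original post: a forced reset that refuses any password still held in the account's history of salted hashes. The `Account` class, its method names, the history size and the scrypt cost parameters are all assumptions made for illustration.

```python
import hashlib
import hmac
import os

# Assumed scrypt cost parameters for this sketch; tune them for your hardware.
SCRYPT_PARAMS = dict(n=2**14, r=8, p=1, dklen=32)


def hash_password(password: str, salt: bytes) -> bytes:
    """Derive a salted, slow hash so stored records resist offline guessing."""
    return hashlib.scrypt(password.encode("utf-8"), salt=salt, **SCRYPT_PARAMS)


class Account:
    """Hypothetical account record keeping current and previous password hashes."""

    def __init__(self, password: str, history_size: int = 5):
        self.history_size = history_size
        self.history = []        # (salt, digest) pairs, newest first
        self.must_reset = False
        self._store(password)

    def _store(self, password: str) -> None:
        salt = os.urandom(16)    # fresh salt for every stored password
        self.history.insert(0, (salt, hash_password(password, salt)))
        del self.history[self.history_size:]   # keep only the newest entries

    def _was_used(self, candidate: str) -> bool:
        # Every record has its own salt, so the candidate is re-hashed per record.
        # All records are checked (no early exit) and compared in constant time.
        hit = False
        for salt, digest in self.history:
            hit |= hmac.compare_digest(hash_password(candidate, salt), digest)
        return hit

    def force_reset(self) -> None:
        """Called after a breach: the account must choose a new password."""
        self.must_reset = True

    def complete_reset(self, new_password: str) -> bool:
        if self._was_used(new_password):
            return False         # the exposed password would be back in use
        self._store(new_password)
        self.must_reset = False
        return True
```

A password that has aged out of the history window is accepted again, so the window size decides how far back reuse is blocked.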
Tips for Account Safety
- Enable phishing protection: The latest version of Firefox has phishing protection enabled by default; for Chrome, have a look at this page. You should also install McAfee SiteAdvisor to get the overall reputation of a website and detect if you are being redirected to a fake phishing website.
- Use a password manager: A password manager lets you generate and save new, strong passwords for all your online accounts. You can access all these passwords with a single master password. My suggestion would be to use LastPass. Check how strong your password is.
- Use a proper antivirus and firewall: I am not suggesting you go and buy a premium antivirus product. The free versions of Avira and Avast are awesome, and paired with a free firewall such as Comodo Firewall, they form the best security combo.
- Are you making these 3 mistakes that could reveal your password? Check here.
- Beware of short links: Short links can be useful when sharing things on social networks, but not knowing what is behind a short link can be hazardous. Install this extension to see the true URL behind a short link before clicking on it. [Firefox] [Chrome] [Internet Explorer].
- Don't log in from a public computer.
- Enable two-step authentication wherever available. Howtogeek.com has provided a list of 16 popular web services which allow 2-step authentication; check out the list here.
- It is advisable to disable Java in your browser. Know more.
- Check out our Security Category for more computer and internet security articles.
Hope this has helped you in some way. Just remember to use common sense when using the Internet; that will save you from a lot of hassle. Share this article if you liked it, using the share buttons above or below.