Newsletters
Technology, Discovery & Innovation NewsFactor Sites:       NewsFactor.com     Enterprise Security Today     CRM Daily     Business Report     Sci-Tech Today  
   
Home Computing Digital Life Discovery Space More Topics...
Network Security
Average Rating:
Rate this article:  
Twitter Password Reset Prompt Was Excess of Caution
Twitter Password Reset Prompt Was Excess of Caution

By Adam Dickter
November 10, 2012 3:58PM

Bookmark and Share
In Twitter's statement regarding the password breach, no explanation was given for the initial concern about the passwords or how many people were actually affected. A Twitter spokesman did not respond to our request for information in time for publication.
 



It's hard to imagine something worse than a nefarious hacker taking hold of your Twitter account, potentially sending out dozens of embarrassing or harmful Tweets in your name.

So when millions of Twitter users got emails this week warning them to change their passwords to keep their accounts from being compromised, most probably did so faster than you can say hashtag or microblog.

But it turns out that in most cases the warning was unnecessary.

'Our Bad'

Twitter on Thursday fessed up to a case of password overkill, announcing on its Status page that not as many accounts as they first assumed were suspected to be compromised.

"We're committed to keeping Twitter a safe and open community," Twitter said. "As part of that commitment, in instances when we believe an account may have been compromised, we reset the password and send an email letting the account owner know this has happened along with information about creating a new password. This is a routine part of our processes to protect our users.

"In this case, we unintentionally reset passwords of a larger number of accounts, beyond those that we believed to have been compromised. We apologize for any inconvenience or confusion this may have caused."

No explanation was given for the initial concern about the passwords or how many people were actually affected. A Twitter spokesman did not respond to our request for information in time for publication.

Security experts recommend changing passwords routinely, even when not prompted, to avoid having accounts hacked.

And users of any popular email or social media service should always double check whether "change your password" or "verify your account" prompts are legit.

Hover First

One common example of phishing -- the term that describes hackers' attempts to trick you into revealing passwords and other data -- is a fake email from PayPal threatening to limit the recipient's account privileges unless he or she clicks on a link in the message.

"You don't tell where a Web site goes by clicking on it," warns cyber security expert Graham Cluley of Sophos. "After all, you could be taken to a Web site that hosts malware or an exploit, which could -- afterwards -- take you to the real site."

Cluly suggests users hover their mouse cursor over the link to see where the pop-up tells you the destination will be.

"Even then, hackers could compromise a vulnerable Web site so that clicking on a link to a legit Web site ends up taking you to a dangerous page," he adds.

Cluley suggests a bit of homework before you respond to an "out-of-the-blue" reset-password email when there was no prior sign of trouble, such as unauthorized use.
 

Tell Us What You Think
Comment:

Name:



Salesforce.com is the market and technology leader in Software-as-a-Service. Its award-winning CRM solution helps 82,400 customers worldwide manage and share business information over the Internet. Experience CRM success. Click here for a FREE 30-day trial.


 Network Security
1.   Banks Hit by Android-Skirting Malware
2.   New Technology Defeats Privacy Efforts
3.   Juniper DDoS for High-IQ Networks
4.   Big DDoS Attacks Hit Record in 2014
5.   Can Google Stop Zero Day Flaws?


advertisement
Android SMS Worm on the Loose
Malware lets bad actors cash in.
Average Rating:
Banks Hit by Android-Skirting Malware
34 institutions, four European countries
Average Rating:
New Technology Defeats Privacy Efforts
Study identifies 3 browser techniques.
Average Rating:


advertisement
Product Information and Resources for Technology You Can Use To Boost Your Business

Network Security Spotlight
34 European Banks Hit by Android-Skirting Malware
Criminals have been finding gaping holes in Android-based two-factor authentication systems that banks around the world are using. The result: 34 banks in four European countries have been hit.
 
New Web Tracking Technologies Defeat Privacy Protections
Recently developed Web tracking tools are able to circumvent even the best privacy defenses, according to a new study by researchers at Princeton and the University of Leuven in Belgium.
 
Juniper DDoS Solution Aims at High-IQ Networks
In the face of more complex attacks, Juniper Networks is boosting its DDoS Secure solution to help companies mitigate the threats with more effective security intelligence throughout the network fabric.
 

Navigation
Sci-Tech Today
Home/Top News | Computing | Digital Life | Discovery | Space | Innovation | Health | Science News
Environment
NewsFactor Network Enterprise I.T. Sites
NewsFactor Technology News | Enterprise Security Today | CRM Daily

NewsFactor Business and Innovation Sites
Sci-Tech Today | NewsFactor Business Report

NewsFactor Services
FreeNewsFeed | Free Newsletters

About NewsFactor Network | How To Contact Us | Article Reprints | Careers @ NewsFactor | Services for PR Pros | Top Tech Wire | How To Advertise

Privacy Policy | Terms of Service
© Copyright 2000-2014 NewsFactor Network. All rights reserved. Article rating technology by Blogowogo. Member of Accuserve Ad Network.