News broke yesterday that popular social media service Twitter had a bad bug that allowed user passwords to be stored in plain text. From what we know, this wasn’t a breach, so user data wasn’t leaked. Even so, we commend Twitter for being proactive and transparent about what happened so that users can act to better protect themselves.
The company is strongly urging all users to change passwords. We agree that you should take steps to secure your account – and use this as an opportunity to strengthen your overall online security, too.
1.Run the Security Challenge
LastPass users should run the Security Challenge before changing their password.
Because the Security Challenge will flag any other sites where you’re using the same password as you did for Twitter. As a LastPass user, you know you should be using strong, unique, long passwords for every single account, but sometimes we just get too busy.
Once you’ve identified any duplicate passwords, then you can start updating them with the help of the LastPass password generator.
2. Auto-change the Twitter password
If you’re using LastPass, after you run the Security Challenge you’ll see the option to auto-change any Twitter passwords stored in your account.
By clicking the “Auto-change” button, LastPass will instantly launch Twitter and change your password for you. No action required! If you have login verification turned on, though, you’ll need to submit the code before LastPass can continue.
3. Or, manually update your Twitter password
If you’re on a computer:
- Go to www.twitter.com in your web browser.
- Enter your current username and password.
- Click your profile image in the top right.
- Click Settings and privacy.
- Select Password.
- Enter your existing password.
- Use the LastPass password generator to create a new, random password.
- Click the Save changes button.
- When LastPass prompts you to save the changes, click Save.
If you’re on a mobile device:
- Open the Twitter app.
- Tap your profile photo in the top left.
- Choose Settings and privacy.
- Tap Account.
- Tap Password.
- Use LastPass to either autofill (Android) or copy-paste (iOS) your existing password.
- Open the LastPass app and expand the left-hand menu to select Generate password.
- In the password generator, tap the copy icon, then tap Save.
- Enter the site name and username fields, then tap Save.
- Open the Twitter app and paste the generated password.
- Tap Change password.
- Be sure to delete the old Twitter.com entry in your LastPass vault.
4. Turn on login verification
Add another login step to ensure that attackers can’t access your account if they steal your password. Twitter offers a login verification option that sends you a code every time you try to log in. For the best security, we recommend the app option over the text message option, but anything is better than nothing.
Follow Twitter’s steps to turn on this important feature for your account.
5. Do a quick clean-up
Feeling motivated to do more? We have plenty of tips and steps for you to follow to improve your online security. Check out these tips:
- Protect your phone from a “port-out scam”
- 7 ways to protect your credit cards online
- Spring cleaning for your digital life
- World Backup Day: Back up your data or risk losing it
- 4 ways you should use LastPass but probably aren’t