— Twitter Support (@TwitterSupport) May 3, 2018 However, the company has advised its 336 million users to change their password for all services where they have used the password including Twiter. Twitter uses a function called bcrypt which replace the password with some random set of numbers and letters and then it gets saved on the ecosystem. This process of masking the password before saving them called hashing using the bcrypt function.
This process allows the Twitter’s system to validate the passwords without actually revealing the password to anyone. Twitter has posted a tweet in which they stated the fixing of this bug and suggested to change the password on all services where the password has been used. Twitter even put a skippable full-screen message on the Twitter app which states the same thing and takes you directly to the setting to change the password, or you can skip it. Twitter also said that they found the bug and they have fixed it and have taken steps to prevent it from happening any further. Twitter has also removed the passwords which were saved without masking on the Twitter ecosystem.
