Twitter Demands Users Reset Passwords

It appears that during Tuesday night's election the privacy of a number of high-profile Twitter users was invaded when an unknown website or Internet service compromised their accounts.

That prompted Twitter to force password resets on many of its users.

It remains unclear at the moment how the security breach occurred or how many users' accounts were compromised. Whatever that number, Twitter created a huge stir by sending out more password reset emails than necessary.

"We unintentionally reset passwords of a larger number of accounts, beyond those that we believed to have been compromised," said Twitter spokesperson, Carolyn Penner.

"We apologize for any inconvenience or confusion this may have caused." (Source: go.com)

Twitter Emails Raise Alarm

Here's what the alarming emails from Twitter said:

"Twitter believes that your account may have been compromised by a website or service not associated with Twitter. We've reset your password to prevent others from accessing your account. You'll need to create a new password for your Twitter account."

Understandably, many Twitter users were spooked by that message. Some expressed frustration with Twitter's decision to include a link in the password reset message, because this often signals phishing or malware scams are at work.

Users Demand Two-Factor Authentication

Other users have expressed concern with Twitter's whole security system, saying it's time the social networking site offered a more comprehensive security strategy.

One possibility: introducing a two-factor authentication process requiring users enter two unique pieces of information to access their accounts.

"We've certainly explored two-factor authentication among other security measures, and we continue to introduce features, such as https, to help users keep their accounts secure," a Twitter representative has responded.

In the meantime, experts suggest users change any passwords they use on their Twitter account and elsewhere.

"I don't want to spread panic or anything, but if you use the same password that you have on Twitter for other services, you might want to change those, too," noted TechCrunch writer, Drew Olanoff. (Source: techcrunch.com)