Why you should change your Twitter password NOW!

The news from Spotify being hacked once again shows that your data is not always safe. Even if you trust the company that holds it for you.

Most users know that they should use a different password for each service they use. But from personal experience I know that we don’t always do what is right. Most people use the same password for all their services.

The danger of using the same password:
Most web developers know that you should never save a password in plain text format but sometimes that just isn’t possible. Take Twitter, or any company with a popular open API.

While Twitter (hopefully) uses a hash for their users passwords, it is the Twitter ecosystem (the hundreds of services that are build around Twitter) that you should be worried about. Since Twitter doesn’t have a safe authentication method for their API (like oAuth) these services need to know your username and password in plain text (ie unencrypted) to query the Twitter API.

If you are a passionate Twitter user you probably use a lot of external twitter apps. What you get is hundreds of places where your Twitter password is vulnerable to hacking attempts.

Celebrate King's Day with TNW Conference :tickets:

Use code GEZELLIG40 on your Business, Investor and Startup passes and get 40% off. Offer ends April 29.

As it is so easy to build a service around Twitter, and many of them have been build in less then 1 day or week, you can imagine that security is not the highest priority for these Twitter projects.

A hacker could probably hack Twitter services more easily than Twitter itself. What he/she would find is your Twitter username and password and in some cases even your email address. Obviously the hacker could abuse your Twitter account, change your password, sell your credentials, stalk you followers and more.

Given that many people use the same username/password combination for many different online services these hackers could also try to log into other web services such as gmail, flickr, Google docs and Yahoo.

In short, it’s a good idea to have a separate password for services like Twitter and don’t use the same password for different services. Use a password generator such as 1Password if you want to make sure your passwords are secure.

An extra benefit to changing your Twitter password is that you automatically filter out the services you don’t use anymore.

Thanks to Robert Beekman for the input.

Story by Patrick de Laive

CPO and co-founder, TNW

Patrick de Laive is an experienced entrepreneur and daddy of Bo and Denne. He is co-founder of TNW and sporadicly invests in startups. He is (show all) Patrick de Laive is an experienced entrepreneur and daddy of Bo and Denne. He is co-founder of TNW and sporadicly invests in startups. He is a frequently asked speaker at (tech) events across the globe. Check his LinkedIn profile and @Patrick on Twitter for more information.

Get the TNW newsletter

Get the most important tech news in your inbox each week.

Also tagged with

Twitter

Why you should change your Twitter password NOW!

Get the TNW newsletter

Also tagged with

France’s AFP sues Twitter over non-payments for displaying news

Elon Musk is putting his Twitter deal on hold because… bots

Join TNW All Access

Musk’s beef with Twitter and 3 other tweets that got him in trouble

Elon Musk’s pitch to investors: 69 million Twitter Blue users by 2025