Technology content trusted in North America and globally since 1999
8,189 Reviews & Articles | 61,946 News Posts

Twitter featured a login bug that caused passwords to be sent in plain text

Twitter log-in menu featured a bug that sent passwords in plaintext, has now been patched
By: Trace Hagan | Internet & Websites News | Posted: Dec 21, 2012 12:04 am

Twitter isn't the most secure platform. They've had several data breaches and now a bug has come to light that allowed passwords to be transmitted in plaintext. Plaintext passwords are never a good thing to be sending around on the public internet, so this bug has been quickly patched by the engineering team.




Twitter's main page uses SSL (HTTPS) to send the login information. However, when logging in from the drop-down box on a tweet detail page, a bug in the menu sent the passwords unencrypted. The issue was orignally discovered by Dome9, who then detailed it to TheNextWeb who tried it out and contacted Twitter.


Twitter has reportedly patched the bug now, and it was apparently not used by anyone--at least not widely used. Security is important when you're dealing with personal data, though I'd be a bit more concerned if this bug was found on Facebook.


Related Tags

Got an opinion on this news? Post a comment below!