
Twitter SNAFU Triggers Password Reset Emails for Many

Mar 4, 2014 // Dan Yelin


If you use Twitter, you’ve probably got a message in your inbox telling you to change your password. No need to freak out–you’re not alone.

Last night Twitter, in what is now being described as a system glitch, sent password reset emails to a number of users. The email was phrased to indicate that Twitter’s password database had been infiltrated by hackers, stating that “Twitter believes that your account may have been compromised by a website or service not associated with Twitter. We’ve reset your password to prevent accessing your account.”

According to a Twitter spokesman, the email was not triggered by an infiltration or attack; rather, it was accidentally triggered by the company itself. The number of users impacted by this message appears to be less than one percent of account holders. While this scare fortunately turned out to be false, that didn’t stop users from sounding the alarm. This episode serves as a reminder to us all to practice good password management. A list of password do’s and don’ts, courtesy of the National Cybersecurity Alliance, is included below:

DO

  • Select passwords that include a combination of upper and lowercase alphabetic characters, symbols, and numbers.

  • Rotate your passwords regularly. We recommend changing passwords every sixty days, but rotating them every six months will put you way ahead of most others.

  • Develop a difficult-to-guess but easy-to-remember password that incorporates memory devices.

DO NOT

  • Use all or part of your name in your password.

  • Use a password of all numbers or a single, repeated letter.

  • Use a word contained in any dictionary.

  • Use a password with a length under six characters.

  • Reuse or recycle passwords.
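
The checklist above can be turned into an automated check. The following is an added example, not code from the original post or from the National Cybersecurity Alliance; the function name, the tiny sample dictionary, the sample names and passwords, and the three-character minimum for matching a name fragment are all assumptions made for illustration.

```python
import string

# Constructed stand-in for a real word list; a real check would load a
# full dictionary and compare against a hashed password history.
SAMPLE_DICTIONARY = {"password", "dragon", "monkey", "sunshine", "welcome"}


def check_password(password, full_name, previous_passwords=(),
                   dictionary=SAMPLE_DICTIONARY):
    """Return the rules from the do's and don'ts list that the password breaks."""
    problems = []
    lowered = password.lower()

    # DO: combine upper and lowercase letters, symbols, and numbers.
    classes = {
        "uppercase letter": any(c.isupper() for c in password),
        "lowercase letter": any(c.islower() for c in password),
        "number": any(c.isdigit() for c in password),
        "symbol": any(c in string.punctuation for c in password),
    }
    problems += [f"missing {name}" for name, present in classes.items() if not present]

    # DO NOT: use all or part of your name (fragments of 3+ characters,
    # an assumed threshold to avoid flagging initials).
    if any(len(part) >= 3 and part in lowered for part in full_name.lower().split()):
        problems.append("contains part of name")

    # DO NOT: all numbers, or a single repeated letter (any repeated
    # character is flagged here).
    if password.isdigit():
        problems.append("all numbers")
    if password and len(set(lowered)) == 1:
        problems.append("single repeated character")

    # DO NOT: a word contained in any dictionary.
    if lowered in dictionary:
        problems.append("dictionary word")

    # DO NOT: a length under six characters.
    if len(password) < 6:
        problems.append("shorter than six characters")

    # DO NOT: reuse or recycle passwords.
    if password in previous_passwords:
        problems.append("reused password")

    return problems
```

An empty list means the password passed every rule; each string in a non-empty list names one rule it broke.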