InfoSec Handlers Diary Blog

SANS Site Network
- Current Site
- SANS Internet Storm Center
- Other SANS Sites Help
- Graduate Degree Programs
- Security Training
- Security Certification
- Security Awareness Training
- Penetration Testing
- Industrial Control Systems
- Cyber Defense Foundations
- DFIR
- Software Security
- Government OnSite Training

Twitter Mass Password Reset due to Phishing

Published: 2010-02-02
Last Updated: 2010-02-02 21:47:04 UTC
by Johannes Ullrich (Version: 1)

Twitter is sending out a large number of e-mails, asking users to reset their passwords. It appears a large number of passwords got compromised in a recent phishing incident (mine included).

When I received the message at first, I considered the e-mail a phishing attempt in itself. But all the links appeared to be "good". If you receive an e-mail like this, I recommend the following procedure:

delete the e-mail
go to twitter by entering the link in your browser. Best: use https://www.twitter.com (httpS not http) (hey. I got a link for you to make it easier ;-) https://www.twitter.com
change your password.
do not reuse the password, do not use a simple password scheme (like "twitterpassword" and "facebookpassword")

I know it is hard. A lot of people will advice against writing the password down, or using a "password safe" application. But considering the risks, I am tend to advice people to rather write down the passwords or use a password safe application compared to using bad / repeating passwords.

------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute
Twitter

Keywords: passwords phishing twitter

8 comment(s)

Top of page

Diary Archives