Twitter comes clean over password reset gaffe
Social networking site admits recent security clampdown resulted in unnecessary password resets for some users.

Social networking site Twitter has been commended for admitting it reset more user passwords than it intended to during a recent security blitz.
The company came clean about the gaffe in a blog post yesterday. In it, the firm explained that it regularly resets the passwords of accounts that appear to have been compromised.
"We reset the password and send an email letting the account owner know this has happened along with information about creating a new password," said the post.
"This is a routine part of our processes to protect our users."
The company then went on to confess that it reset more passwords than it needed to during a recent security clampdown.
"We unintentionally reset passwords of a larger number of accounts, beyond those that we believed to have been compromised [and] we apologise for any inconvenience or confusion this may have caused," the post concluded.
Speaking to IT Pro, Graham Cluley, senior technology consultant at security software vendor Sophos, said Twitter was right to admit its mistake, adding that it was unlikely to have caused users many problems.
Get the ITPro daily newsletter
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
"People end up trusting a company more when they admit they made a boo-boo than if they tried to initiate a cover-up," he said.
"It's inconvenient for those affected...and people who hadn't had their accounts compromised might panic they had been hacked, and waste time trying to determine if anything bad had happened."
-
Why are many men in tech blind to the gender divide?
In-depth From bias to better recognition, male allies in tech must challenge the status quo to advance gender equality
By Keri Allan
-
BenQ PD3226G monitor review
Reviews This 32-inch monitor aims to provide the best of all possible worlds – 4K resolution, 144Hz refresh rate and pro-class color accuracy – and it mostly succeeds
By Sasha Muller
-
96% of SMBs are missing critical cybersecurity skills – here's why
News The skills shortage hits SMBs worse as they often suffer from a lack of budget and resources
By George Fitzmaurice
-
Sophos Firewall Virtual review: Affordable network protection for those that like it virtualized
Reviews Extreme network security that's cheaper than a hardware appliance and just as easy to deploy
By Dave Mitchell
-
MSPs are struggling with cyber security skills shortages
News A shortage of tools and difficulties keeping pace with solutions were also ranked as key issues for MSPs
By George Fitzmaurice
-
Nearly 70 software vendors sign up to CISA’s cyber resilience program
News Major software manufacturers pledge to a voluntary framework aimed at boosting cyber resilience of customers across the US
By Solomon Klappholz
-
Sophos and Tenable team up to launch new managed risk service
News The new fully managed service aims to help organizations manage and protect external attack surfaces
By Daniel Todd
-
Ransomware groups are using media coverage to coerce victims into paying
News Threat actors are starting to see the benefits of a more sophisticated media strategy for extracting ransoms
By Solomon Klappholz
-
Shrinking cyber attack “dwell times” highlight growing war of attrition with threat actors
News While teams are becoming more proficient at detecting threats, attackers are augmenting their strategies
By Ross Kelly
-
Cyber security in the retail sector
Whitepapers Retailers need to ensure their business operations and internal data aren't breached
By ITPro