Twitter tells users it has fixed a bug on password resets
In a blog post, Twitter said it has proactively logged people who may have been affected users out of active sessions. The social media giant said if a user proactively changed his/her password on a device, it still had an open session on another device and that session may not have been closed.
Microblogging platform Twitter has said it recently fixed a bug that allowed the user accounts to stay logged in from multiple devices after a voluntary password reset.
In a blog post, Twitter said it has proactively logged people who may have been affected users out of active sessions. Explaining further, the social media giant said if a user proactively changed his/her password on a device, it still had an open session on another device and that session may not have been closed.
The web sessions were not affected and were closed appropriately. According to Twitter, the bug was introduced after the company changed the systems that power password resets.
Twitter said it has directly informed the people they were able to identify who may have been affected by this, proactively logging them out of open sessions across devices and prompted them to log in again.
“We realize this may be inconvenient for some, but it was an important step to keep your account safe and secure from potential unwanted access", the social media platform said.
Twitter has asked all the users to check out the controls available in the settings and review active open sessions regularly. The users can also review how to reset a lost or forgotten password on the Help Center.
“We recognize and appreciate the trust you place in us, and are committed to earning that trust every day”, Twitter said.
In August, Twitter had informed its users that it had fixed a bug which exposed the account details of users to a ‘bad actor' after reports emerged that the personal information of 54 lakh Twitter users was being sold by a hacker.