This is an industry standard.
-
"Our investigation shows no indication of breach and we investigate as hard as we code plus, as you know, we keep the most complete logs in the industry. It's OK really; it's abundantly OK."
-
Twitter : We kinda log your passwords sometimes, sorry. Me : Never ever send plaintext passwords not ever ever ever not even.
-
s/send/store/. The vast majority of websites will send passwords in plaintext during login; otherwise you need to do crypto on the client, which doesn't have many benefits (the point of trust is still their server). Storing them is the problem.
-
You nailed it
-
Yeah this seems like a totally acceptable response from Twitter. Rather than wait for a security breach story to leak, they’re proactive in fixing the mistake (let’s be honest, some engineer accidentally logged the plain text password) and are making steps to resolve the issue.
-
You are missing the part where they do not have enough internal training, processes, and audits to prevent or discover this in a timely fashion. It's not a bug, and it wasn't for just a few days. It is rightly a huge issue.
-
This Tweet is unavailable.
-
I get that this is a joke, but security is hard and I would much rather know that this happened. Perfect security is impossible; mistakes that are admitted publicly are good even if the mistakes would have preferably not happened in the first place.

