Password Security: Twitter Reminder



In a blog post, Twitter reminds its users about password security, highlighting best practices around passwords – both on Twitter and on the Internet generally. Among the reminders Twitter posted, which we elaborate on further, are:

1.     Use a strong password. Your password should be at least 8 characters that include upper and lower case characters, numbers, and symbols. You should always use a unique password for each website you use; that way, if one account gets compromised, the rest are safe. To make these passwords easier to remember, passphrases can be used.

What makes a password or passphrase strong?

A strong password:

·         Is at least eight characters long.

·         Does not contain your user name, real name, or company name.

·         Does not contain a complete word.

·         Is significantly different from previous passwords.

·         Contains a combination of uppercase, lowercase, figures and symbols.

A strong passphrase:

·         Is 20 to 30 characters long.

·         Is a series of words that create a phrase.

·         Does not contain common phrases found in literature or music.

·         Does not contain words found in the dictionary.

·         Does not contain your user name, real name, or company name.

·         Is significantly different from previous passwords or passphrases.

2.     Watch out for suspicious links, and always make sure you’re on before you enter your login information. Be cautious when clicking on links in Direct Messages. Whenever you are prompted to enter your Twitter password, just take a quick look at the URL and make sure you’re actually on Phishing websites will often look just like Twitter’s login page, but will actually be for destinations other than Twitter. If ever in doubt, just go directly to in your browser. 

This reminder applies to every website and application one tries to access. Users of Facebook, Twitter, Google and other social networking platforms commonly get so accustomed to the look of these platforms that they may forget to look at the URLs they are visiting. A phishing attack may take advantage of this, and unsuspecting users will have their accounts compromised after providing their login details to the phishing page.

3.      Don’t give your username and password out to unknown third parties, especially those promising to get you followers or make you money. When you give your username and password to someone else, they get complete control of your account and can lock you out of your account or take actions that cause your account to be suspended. Be wary of any application that promises to make you money or get you followers. If it sounds too good to be true, it probably is! 

4.     Make sure your computer and operating system is up to date with the most recent patches, upgrades, and anti-virus software. Keep your browser and operating system updated with the most current versions and patches; patches are often released to address particular security threats. 



Here are the 25 most common passwords of 2012

1. password (Unchanged)
2. 123456 (Unchanged)
3. 12345678 (Unchanged)
4. abc123 (Up 1)
5. qwerty (Down 1)
6. monkey (Unchanged)
7. letmein (Up 1)
8. dragon (Up 2)
9. 111111 (Up 3)
10. baseball (Up 1)
11. iloveyou (Up 2)
12. trustno1 (Down 3)
13. 1234567 (Down 6)
14. sunshine (Up 1)
15. master (Down 1)
16. 123123 (Up 4)
17. welcome (New)
18. shadow (Up 1)
19. ashley (Down 3)
20. football (Up 5)
21. jesus (New)
22. michael (Up 2)
23. ninja (New)
24. mustang (New)
25. password1 (New)

If your password looks like one on this list, please change it immediately.
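
The strong-password criteria and the 2012 list above can be combined into a single check at sign-up or password-change time. The following is an added example, not code from the original post or from Twitter; the function name, the small sample word list, the character-substitution table and the 0.6 similarity threshold are assumptions.

```python
import difflib
import string

# The 25 most common passwords of 2012, as listed on this page.
COMMON_2012 = {
    "password", "123456", "12345678", "abc123", "qwerty", "monkey", "letmein",
    "dragon", "111111", "baseball", "iloveyou", "trustno1", "1234567",
    "sunshine", "master", "123123", "welcome", "shadow", "ashley", "football",
    "jesus", "michael", "ninja", "mustang", "password1",
}
# Constructed stand-in for a real dictionary file (assumption).
SAMPLE_WORDS = {"summer", "winter", "twitter", "secret", "coffee"}


def check_password(pw, identity=(), previous=(), words=SAMPLE_WORDS):
    """Return the list of the page's password rules that `pw` breaks."""
    low = pw.lower()
    problems = []
    if len(pw) < 8:
        problems.append("shorter than 8 characters")
    if low in COMMON_2012:
        problems.append("on the 2012 most-common list")
    # User name, real name, company name: compare case-insensitively.
    if any(len(n) >= 3 and n.lower() in low for n in identity):
        problems.append("contains a user, real or company name")
    # Undo common digit/symbol substitutions before the word check so
    # "C0ffee" is still recognised as "coffee" (mapping is an assumption).
    plain = low.translate(str.maketrans("013457@$!", "oleastasi"))
    if any(w in low or w in plain for w in words | COMMON_2012 if w.isalpha()):
        problems.append("contains a complete word")
    classes = (string.ascii_uppercase, string.ascii_lowercase,
               string.digits, string.punctuation)
    if not all(any(c in cls for c in pw) for cls in classes):
        problems.append("missing upper case, lower case, number or symbol")
    # 0.6 similarity threshold is an assumption, not a figure from the page.
    if any(difflib.SequenceMatcher(None, low, p.lower()).ratio() > 0.6
           for p in previous):
        problems.append("too similar to a previous password")
    return problems
```

An empty list means the candidate passes every rule; `previous` is meant to hold only the old password the user supplies when changing it, not a stored plaintext history.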