"Twitter believes that your account may have been compromised by a website or service not associated with Twitter," read an email many Twitter users received Thursday morning. "We've reset your password to prevent others from accessing your account."
No, the email's not a weird hoax — a lot of Twitter accounts' passwords were indeed reset by the social media service — but Twitter now admits that the alarm bells rang a little louder than necessary.
"[W]hen we believe an account may have been compromised, we reset the password and send an email letting the account owner know this has happened along with information about creating a new password," a note on Twitter's official status blog explains. "This is a routine part of our processes to protect our users."
But in the case of Thursday morning, the social network "unintentionally reset passwords of a larger number of accounts, beyond those that [it] believed to have been compromised."
Whoops.
While Twitter apologizes for "any inconvenience or confusion" the mass reset may have caused, we're kinda glad it happened — because it's a good reminder that we should to a quick security check on our Twitter accounts. Whether yours was one of the reset accounts or not, you should go ahead and go through the motions now. Change your password. De-authorize strange apps. Stop clicking on shady links.
To change your Twitter password, you should head to the actual Twitter website, http://twitter.com, and click on the little gear in the upper right corner. Hit the "settings" button there and then open up the "password" tab. The rest is obvious.
If you are unable to access your account on the Twitter website and have received one of the emails mentioned above, then copy and paste the "password reset" link provided in it into your URL bar and use it to change your password.
Just be sure to carefully inspect the link — it should lead to a twitter.com site — in case someone decided to use this morning's confusion to slip in a few hoax emails after all.
Once you've taken care of your password, you should also take a close look at the apps you've authorized to access your Twitter account. This is often where the weaknesses that hackers prey on lie. To do this, head to the Twitter website, http://twitter.com, and click on the little gear in the upper right corner. Hit the "settings" button there and then open up the "Apps" tab. You should see all the apps you've authorized.
Are some of the listed apps ones you no longer use (or don't even remember ever authorizing)? Revoke their access.
There. That wasn't so tough, was it now? These are things you should do regularly, every few months or so, in order to keep your account as safe as possible. And between password changes and app authorization cleanups, you should always take great care that you don't follow any questionable links.
And if you ever do tread into unsafe territory, follow these steps to make a security check right away!
Want more tech news or interesting links? You'll get plenty of both if you keep up with Rosa Golijan, the writer of this post, by following her on Twitter, subscribing to her Facebook posts, or circling her on Google+.