Twitch possibly hacked -- all users forced to change passwords
With so many security breaches nowadays, it can feel a bit fatiguing. You come up with what you think is a really good password, only to have a website hack compromise your credentials. This is why it is very important that you do not use the same password -- or similar variations of it -- on multiple sites. If a hacker gets the password to one site, they may try it on others; scary stuff.
Today, Twitch, the video streaming service for video gamers, announces that it may have been hacked. Yes, may have, as in the company isn't positive. It is frustrating that the company doesn't know for sure, but since there is a possibility, it is requiring that all users change their password.
"We are writing to let you know that there may have been unauthorized access to some Twitch user account information. For your protection, we have expired passwords and stream keys and have disconnected accounts from Twitter and YouTube. As a result, you will be prompted to create a new password the next time you attempt to log into your Twitch account", says Twitch in a blog post.
The Amazon-owned company further explains, "we also recommend that you change your password at any website where you use the same or a similar password. We will communicate directly with affected users with additional details".
As a Twitch user, I am a bit dismayed to read this in a blog post. Why? I have yet to receive an email from the company that there was a potential breach. Actually, all I received from the company today was a spam-like email promoting a question and answer session with electronic music group The Prodigy. With that said, it seems odd that the company starts the blog with "We are writing you", as it sounds like this was a planned email that may never have been sent.
The next time you sign into Twitch, you will have to reset your password using your registered email address. It is a fairly painless process. The company shares the following password tips.
- Bad: Applesauce1! -- You're using different character types, but the majority of the password is a single word from the dictionary.
- Okay: ILoveGreenApplesauce -- You're using multiple words and lots of characters, but the words are too common.
- Good: !70v3Gr33n@pple$auce? -- You're using multiple words and lots of characters with uncommon substitutions.
- Best: Use a reputable password manager with a random password generator.
These are actually pretty good suggestions. If you aren't using a password vault/manager, you definitely should consider it. A service such as Lastpass not only secures your passwords, but will randomly generate powerful ones too.
Do you use Twitch? Are you worried by this hack? Tell me in the comments.