Twitter Forces Password Reset for Those Buying Followers

Twitter is now asking users who have used services promising them a higher follower count to reset their passwords. Actually, it’s not merely asking, it’s forcing these users to change their existing passwords. The reason for this is that these accounts may be vulnerable to abuse since the third-party services have the full account credentials, both the user name and the password.

“We're currently pushing out password resets to users who signed up for 3rd party follower-adder sites linked to suspicious behavior,” Twitter said through its Spam Watch account. What it means is that users affected won’t be able to log into Twitter without providing a new password for their accounts. Other than that though, Twitter is not taking any measures against the users who turned to this method of artificially raising their number of followers.

There’s certainly no lack of services advertising hundreds of thousands of new followers depending on how much you’re willing to pay. In a sense, many of these works, they manage to get you more followers. The quality of those followers leaves much to be desired though. One method these services employ is to have all the people that use them follow each other. Another is to automatically follow users and then remove the ones that don’t follow back.

Twitter makes it clear that using these services is a violation of its terms of service. But this isn’t Twitter’s biggest concern, the problem is that many of these services ask the user for their full account credentials. The Twitter API enables developers to use its authentication services, emphasizing the new OAuth system, in a way that allows users to cut off access to any app at any given time.

Handing over your password to a third party means that there’s no way to ensure that it doesn’t access your account other than to change the password, which is why Twitter is now forcing users to do it.

“We forced a password reset for users who previously gave their password to sites that did not use oAuth. This means that these sites had their password and could do things like make people follow or unfollow accounts, or automatically send spammy Tweets on their behalf without their knowledge,” Twitter told Read Write Web.