* Major #Twitter Security Bug

A Twitter security flaw appears to allow one user to lock another user’s account simply by repeatedly trying to login to that account. It looks like that’s what somebody is trying to do to my Twitter account. Worse, there is nothing I can do about it, because Twitter appears to be unprepared for this (rather obvious) scenario.

Here’s the error message that I got when I tried to login – once – after dinner tonight:


Locked out!

We’ve temporarily locked your account after too many failed attempts to sign in. Please chillax for a few, then try again.

So rather than have a way for me to contact Twitter about the unauthorized access to my account, rather than have a way for me to change my password, Twitter has the advice to “chillax.”

I would tweet about this as well, but I’m locked out and without options. Lovely.

Print Friendly, PDF & Email

9 Replies to “* Major #Twitter Security Bug”

  1. If you reenter pass you can enter direct, but after you close your session & try to back, the message appears again… I have 3 days with this problem

  2. Wow, annoying is right. There’s no way to know how long to #*$!ing ‘chillax’, and no way to know if repeated tries re-sets the lock clock.

    Pretty damned amateur, but that’s not really surprising with Twitter.

  3. Good gourd this problem is ANNOYING! Couldn’t they at least provide some kind of CAPTCHA test like Google does on occasion?

  4. I’ve “chillaxed” about this problem on my account for two days now and no joy. The Twitter folks are not the sharpest knives in the drawer.

  5. Twitter must have a very novice operations staff. They do stuff like this that just pisses people off. The whole “chillax” idea shows that they don’t respect the time of the people using Twitter. They don’t give you any idea how long to “chillax” for, and you know any new attempt that is done too quickly is just making things worse.

  6. What happened in the end? Did it unlock itself? I have the same problem because of a malfunctioning Twitter add-on. 🙁

Leave a Reply

Your email address will not be published. Required fields are marked *