random_char = '1' # chosen by fair dice, guaranteed random
return random_char * n
Just kidding. That stinks. I'm guessing your password was quite strong. Any idea how many bits of entropy it was?
It sounds like at this point Twitter sent out the email in parallel with trying to figure out how these compromises happen. Since they salt the hashed passwords, they don't know how complex your password was. Of course, you should still change your password. I changed my 80-bit Linkedin password after it was stolen.
It sounds like at this point Twitter sent out the email in parallel with trying to figure out how these compromises happen. Since they salt the hashed passwords, they don't know how complex your password was. Of course, you should still change your password. I changed my 80-bit Linkedin password after it was stolen.