If you look at the source code — on the sign up page — and do a simple search for ‘twttr.BANNED_PASSWORDS’ you can find all 370 passwords that you can’t use. Hit more to see the passwords.
(more…)

The Twitter admin hack appears to be the result of a successful social engineering attack against one of Twitter’s employees, using the same password reset “hack” that got Sarah Palin last year, the cracker gained access to the employee’s account by resetting their Yahoo! email account password. The hacker going under the handle of Hacker Croll featured 13 screenshots of Twitter’s admin panel, and commented that “The images were taken from the Admin area that was secured with .htaccess.” The screenshots featured internal data for accounts belonging to U.S President Barack Obama, Britney Spears, Ashton Kutcher, and Lily Allen, as well as a detailed overview of different sections behind the scenes of Twitter

I dont know why this is big news , like she ever used a password that wouldn’t have been cracked using a dictionary file? But none the less ,much like her gmail and youtube accounts Miley Cyrus Twitter account has been hacked. Of course if Twitter got it right the first time or after their other publicized hack and had limited account login attempts, they probably wouldn’t have succeeded.

Someone hacked into Twitter’s internal admin tools and compromising 33 high profile accounts, including President Elect Barack Obama,Fox News,and Britney Spears.

Here is Twitter’s official explanation.

The password was obtained by a bruteforce method using a wordlist only because Twitter didnt have lockout mechanism for their admin login, and the cracker was able to keep trying new passwords until he got into an admin account of Crystal,who’d chosen the weak password “happiness.”