Twitch Hack: How to change your Twitch password
Users are advised to also turn on two-factor authentication following today’s Twitch hack
Twitch users have been advised to change their passwords and turn on two-factor authentication after the entire site was reportedly hacked this week.
An anonymous hacker has claimed to have leaked the entirety of Twitch, including its source code and user payout information, posting a 125GB torrent link to 4chan on Wednesday.
One cyber security expert said on Wednesday that, if fully confirmed, the Twitch hack “will be the biggest leak I have ever seen”.
Although the initial leak doesn’t appear to include any personal account information, Twitch users are strongly advised to change them anyway, because according to the hacker this is only the first part of the leak.
[UPDATE: Twitch has said there’s “no indication” that login details were exposed in Wednesday’s data leak, and that credit card information wasn’t taken.]
Users should also turn on two-factor authentication if they haven’t already. This guide will show you how to do that.
Twitch Hack: How to change your Twitch password
Even if a subsequent leak does include password information, it will likely be encrypted. However, this doesn’t mean it’s impossible to decrypt it.
To be safe, it’s a good idea to change your Twitch password now, so if passwords are indeed leaked at some point yours will already be out of date on the list.
To change your password on Twitch:
- Go to Twitch and log on with your existing username and password.
- Click on your avatar in the top-right corner and choose Settings.
- Go to the Security and Privacy option, then find the option that says “change password”.
- The general rule of thumb is that passwords are safer if they’re long, use both upper case and lower case characters, include numbers and use special symbols (like $ or &).
If you want to check your password to make sure it’s a good one, put it into Have I Been Pwned’s password page. This is a list of over 600 million passwords that have previously been listed in data leaks, so if your password isn’t on that list that means it’ll be a little safer.
Twitch Hack: How to turn on two-factor authentication on Twitch
Two-factor authentication is an added layer of security to protect your Twitch account even more.
It’s always advised that people turn on two-factor authentication on any site that supports it, because the extra security it provides is worth the minor inconvenience it adds.
further reading
The entirety of Twitch has reportedly been leaked
If two-factor authentication is turned on, any time you log onto the site from a new device or browser, you’ll be asked to confirm your identity using your phone.
This can either be done by entering a numerical code that’s either sent to your phone via SMS, or displayed on an authentication app like Google Authenticator.
The idea is that even if someone does manage to steal your username and password, without your phone they still won’t be able to log into your account, giving you time to log in and change the password.
To turn on two-factor identification on Twitch:
- Go to Twitch and log on with your existing username and password.
- Click your avatar in the top-right corner and choose Settings.
- Go to the Security and Privacy option, then scroll down to the Security setting.
- Choose “Edit Two-Factor Authentication” to see if it’s already been activated. If it has, you don’t have to do anything.
- If it hasn’t been activated, you’ll get to choose which type of authentication you want: a SMS message sent to your phone, or an authentication app.
