* Major #Twitter Security Bug

A Twitter security flaw appears to allow one user to lock another user’s account simply by repeatedly trying to log in to that account. It looks like that’s what somebody is trying to do to my Twitter account. Worse, there is nothing I can do about it, because Twitter appears to be unprepared for this (rather obvious) scenario.

Here’s the error message that I got when I tried to log in – once – after dinner tonight:

[Screenshot: 2009-02-25-twitter-security]

Locked out!

We’ve temporarily locked your account after too many failed attempts to sign in. Please chillax for a few, then try again.

So rather than have a way for me to contact Twitter about the unauthorized access to my account, rather than have a way for me to change my password, Twitter has the advice to “chillax.”

I would tweet about this as well, but I’m locked out and without options. Lovely.
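The lockout behaviour described in this post can be set beside a throttle that also tracks where the failures come from. This is an added example, not code from the original post or from Twitter; the threshold, window, class names and addresses are assumptions constructed for illustration.

```python
from collections import defaultdict

MAX_FAILURES = 5   # assumed threshold; the post does not state the real one
WINDOW = 300       # assumed counting window in seconds


class AccountLockout:
    """Behaviour the post describes: failures are counted per account only."""

    def __init__(self):
        self._times = defaultdict(list)   # key -> timestamps of failures

    def _add(self, key, now):
        self._times[key].append(now)

    def _count(self, key, now):
        self._times[key] = [t for t in self._times[key] if now - t < WINDOW]
        return len(self._times[key])

    def fail(self, account, source, now):
        self._add(account, now)

    def decide(self, account, source, now):
        return "deny" if self._count(account, now) >= MAX_FAILURES else "allow"


class SourceAwareThrottle(AccountLockout):
    """Deny only the failing source; other sources get a step-up challenge."""

    def fail(self, account, source, now):
        self._add(account, now)
        self._add((account, source), now)

    def decide(self, account, source, now):
        if self._count((account, source), now) >= MAX_FAILURES:
            return "deny"
        if self._count(account, now) >= MAX_FAILURES:
            return "challenge"   # e.g. CAPTCHA or emailed link, not a lockout
        return "allow"


def simulate(policy, at=10):
    """Constructed scenario: one source fails 5 times, then the owner signs in."""
    for t in range(5):
        policy.fail("victim", "198.51.100.7", now=t)
    owner = policy.decide("victim", "203.0.113.9", now=at)
    other = policy.decide("victim", "198.51.100.7", now=at)
    return owner, other
```

Under the account-only policy the owner is denied along with the source that caused the failures; under the source-aware policy the owner is asked for an extra proof and can still get in.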