A blog post published Tuesday night by Twitter Director of Information Security Bob Lord came a day after the official Twitter account for Burger King was hacked by pranksters who used their unauthorized access to publish tweets falsely claiming the fast food chain had been sold to arch-rival McDonald's. Lord's post also followed a similar compromise of Jeep's Twitter account, resulting in the Chrysler division's logo being replaced with one belonging to competitor Cadillac. The account takeovers came almost three weeks after hackers pierced Twitter's defenses and stole cryptographically protected password data belonging to some 250,000 users.
Lord didn't say how the Burger King and Jeep accounts were taken over, although he did go on to cite some frequently repeated password advice. Chief among the recommendations: use a password that's a minimum of 10 characters and includes upper- and lower-case letters, numbers, and symbols. This advice is good, but as Ars demonstrated in August, many passcodes that meet these criteria remain easy pickings for crackers.