Twitter logs users out after a just disclosed "incident impacting password resets"

Twitter has notified users that it identified and fixed a bug that enabled accounts to remain logged in on multiple devices even after a password was voluntarily changed.

The post notifying everyone about the issue elaborated that "if you proactively changed your password on one device, but still had an open session on another device, that session may not have been closed. Web sessions were not affected and were closed appropriately." Until the announcement that this was fixed, it's existed since the social network implemented changes to the password system in 2021.

Anyone that was potentially impacted by this that Twitter was "able to identify" has been informed of the bug, with every device they were logged into Twitter on proactively logged out. Twitter users can confirm what instances they're logged into by visiting twitter.com/settings/sessions.

Further coverage: Twitter Privacy Blog Engadget