Many Twitch users receiving forced password reset emails

Bradley Wint
Mar 4, 2017 2:41pm AST
Photo: Twitch

Many Twitch users received an email this morning claiming that there may have been unauthorized access to their accounts, and that their passwords would be temporarily reset.

This comes just a few hours after Twitch experienced technical difficulties in the past twenty four hours. Users reported being forced out of their accounts, with some being booted out mid-stream. They were then unable to re-login as the system claimed that their passwords were incorrect.

The self-reset function also seemed to be non-functional, as many have since not received their follow up emails (even though we did).

The email which came from email hidden; JavaScript is required advised users that their accounts may have been compromised, and they should conduct a password reset immediately. Beyond the email coming from the company’s domain, the message seems to be legitimately sent from them as no links were provided back to the website (usually included in phishing emails).

We believe that an unauthorized party may have accessed your Twitch.tv account. For your security, we have invalidated your existing sessions and we have assigned a temporary password to your account.

You will need to reset your password when you return to Twitch. To reset your password, click “Log In” at the top of any page on Twitch.tv. On the Sign In page, click the “Trouble logging in?” link to reach the Twitch.tv Password Assistance page. After you enter your username, you will receive an email containing a personalized link. Click the link from the email and follow the directions provided.

Get your daily tech burst in your inbox!

We also encourage you to enable two-factor authentication (2FA) to protect your account from unauthorized logins. 2FA requires two different methods of verification to log in to your Twitch account: your password and your mobile phone. If your password is compromised, your account will be inaccessible without the unique code sent to your phone. To learn more about Two-Step Verification, go to Twitch.tv, go to Help, and click Two Factor Authentication with Authy, located in the Getting Started section.

We are unable to say how your sign-in information was obtained since the activities used to obtain these details occur away from our websites. Some techniques used to gain unauthorized access include trying commonly-used passwords, trying credentials obtained from compromises of other services, and by using malicious software to capture a user’s keystrokes and Internet activity.

Sincerely,
Twitch

Even though they advised users to enable two-step login, it’s unclear if accounts were really compromised or not as some reddit users with 2FA enabled reported receiving the same email as well.

We have reached out to Twitch for a comment, and we will update this post accordingly.

Stay in the know

Subscribe to the Try Modern Tech Daily Digest for the latest tech news stories, deals, and how-to's in your inbox!

Founder/Executive Editor
PGP Fingerprint: EF2C 9B80 085C C837 3DA3 995D A864 F801 147F E619 | PGP Key
More From Technology

How to block those annoying autoplay videos on any website

By - Sep 17, 2017 12:51am AST
As more websites push for video content, their mix of autoplay videos and horrible delivery platforms make browsing many news websites a pain in the behind. Unfortunately, blocking Flash Player… Continue Reading

iPhone X vs. Galaxy S8 vs. LG V30: How does Apple stand up?

By - Sep 12, 2017 11:10pm AST
Now that the iPhone X, 8, and 8 Plus are out in the open, how will the top of the line Apple phone stand up to its recent competition? Let’s… Continue Reading

You can pre-order your gold-plated iPhone X starting at $7,495, with the top model costing $70k

By - Sep 11, 2017 11:06pm AST
With the iPhone X and 8 set to be announced on the 12th, iPhone accessory manufacturers are already busy at work putting the final touches on their cases and other… Continue Reading