Twitter Security: FAIL!

Posted by Twitter's Tee Morris | Posted in Twitter Topics, Twitter in the News | Posted on 16-07-2009


I never make the claim in All a Twitter that Twitter is perfect. It’s about people and people are flawed, fragile things. I do think the people that are behind Twitter are nothing less than brilliant, hard-working people that are dedicated to keeping us all connected; and with millions upon millions of users all coming on to Twitter to answer the “What are you doing?” mantra, it’s a full-time job…

…but in light of recent events, Twitter has shown their human side. Or more to the point: when Twitter screws up, it is on an epic scale.

From TechCrunch, Robin Wauters reports that on July 15, 2009, a security issue plagued the Twitter servers unexpectedly. It was a technological Black Death of the worst kind: user error. Someone had made the password to Twitter’s servers the following: password.

Wow.

Wauters continues in TechCrunch’s “Another Security Tip for Twitter” article:

Twitter co-founder Biz Stone, responding to our email, said “this bug allowed access to the search product interface only. No personally identifiable user information is accessible on that site.” Although no user accounts were compromised or accessible, the vulnerability speaks to a greater culture of lax security at the startup, and may be indicative of how earlier breaches possibly occurred.

With that in mind, we have some friendly advice for Twitter. For instance, it would be wise if in the future Twitter insiders do not use the password “password” for the back ends of its systems or one of its co-founder’s names (Jack) as a username.

What makes this cock-up truly frightening is that this particular incident is in no way related to another security breach Twitter was addressing on their blog that same day. This has kicked up a lot of speculation and criticism both here and at other sites like the earlier cited TechCrunch and Mashable.com concerning the security measures at Twitter.com. Mashable’s Stan Schroeder, in his own commentary, thinks:

One thing is certain. Twitter needs to burn everything security-related down to the ground and build it all anew to make sure this won’t happen again. Employees should adopt stricter security practices; services that don’t offer adequate security should be replaced with better ones; in short, Twitter needs to seriously rethink its attitude towards security and privacy in all aspects of their work.

Twenty-four hours later, people are still asking a lot of hard questions concerning who is keeping the gates at Twitter.com. These are questions I’d love answers to, but as of the posting of this article there is no new chatter either at the Twitter Blog or at Twitter Status.

From the reassurances of Biz Stone, Twitter appears on top of this; but I remain stunned that using “password” as a password to access servers got by their checks and balances. For the love of tweets, Twitter, you’ve been on the cover of Time Magazine and have been hailed as one of the innovations of modern communication. The backlash has been flying and flying hard in comments for these cited articles, and Twitter should respond. This is no longer an issue of “growing pains” but of a careless, lackadaisical approach to what should never be taken lightly: the security of their membership.
