Twitter users have been told to change their passwords after the firm admitted it hadn't properly stored them.

Users will be receiving an email or pop-up in their app instructing them to change their passwords following a recent discovery by Twitter that a bug had stored some passwords in plain text in an internal log.

The social media firm says there's no indication the passwords have been misused by anyone - but if you're a Twitter user you need to change your password as soon as possible.

See our 30+ Ways to Stop Scams guide for how to protect yourself online.

What went wrong?

Usually, Twitter stores users' passwords in an encrypted mode, meaning they're unable to be taken and used from the database.

The bug, however, disrupted Twitter's process of masking passwords, meaning many users' passwords were being stored in their original state.

Twitter user? Change your password NOW

To change your password, you'll need to enter your Twitter handle on the Twitter website and then wait for a password reset link to be sent to the email address linked to your account.

If you can't access the email account you can contact Twitter for help.

To increase security you can enable login verification, often called two factor authorisation – meaning you'll receive a message when a log-in attempt is made.

If you've used the same password for other sites you should change it on those too. See our tips for creating a secure password.

What has Twitter said?

In a blog on its site, Twitter said: "We have fixed the bug, and our investigation shows no indication of breach or misuse by anyone.

"Out of an abundance of caution, we ask that you consider changing your password on all services where you’ve used this password.

"We are very sorry this happened. We recognize and appreciate the trust you place in us, and are committed to earning that trust every day."