Twitter yesterday revealed it had fixed a bug in its hashing process that saw passwords internally logged in plain text. The company asked all its users to change their Twitter passwords, and if they used that password anywhere else, to change it there too, just in case. Then, all hell broke loose.

A lapse in security should always be criticized and scrutinized. There is a difference, however, between attacking Twitter for making a mistake and attacking Twitter for disclosing a mistake.

It’s natural for the first reaction to be anger any time one learns their password was not properly secured. But after one calms down, the next reaction should not be anger at the company, assuming said company decided to volunteer the information.

Companies have been rightly raked over the coals for only disclosing security breaches months, if not years, after the fact. The number of hacks, security snafus, and human errors that have occurred with our accounts, and that we will never know about, makes my stomach turn.

Twitter made the right call here, and we can only hope that it and other companies that go through a similar scenario (there will be plenty more) will do the same. That goes for when the issue is both less and more severe. Any time user data was compromised, might have been compromised, or was potentially, theoretically, and hypothetically open to being compromised, the company should communicate as much as possible.

If we continue to publicly crucify companies for doing so, they will not see a reason to play ball. Nobody wants to live in a world where companies only do what they are legally required to.

We should be sending a message that Twitter did good here. Again, not in terms of security, but in terms of being willing to talk about it.

That doesn’t mean the execution was perfect. Case in point:

While I have seen a lot of tweets focusing on Twitter’s mistake, and plenty criticizing Twitter for the wording in how it disclosed its mistake, I have seen very few applauding Twitter for speaking about said mistake.

Thank you, Twitter, for disclosing that such a bug existed. Thank you, Twitter, for asking us to change our passwords. Thank you, Twitter, for trying to be transparent.

You catch more flies with honey than you do with vinegar, communication is a two-way street, don’t shoot the messenger, and all that. We should show appreciation when companies are transparent, and continually push for more.

So again, thank you, Twitter. Also, when was this bug formed, found, and fixed? Was anyone reprimanded? How many passwords are we talking about?

ProBeat is a column in which Emil rants about whatever crosses him that week.