How To Secure Your Twitch Account After The Recent Leak

How To Secure Your Twitch Account After The Recent Leak
Image: Twitch / Kotaku

Twitch recently suffered a major hack which ended with user information, source code and payment details leaking online for everyone to see. It included streamer income reports from 2019, information about an alleged Amazon-led Steam rival, as well as internal tools and historical data. If you’re somebody who’s ever used the platform, it’s a good idea to secure your account with 2FA and new passwords now.

While it’s unlikely your account will be used for nefarious purposes, the full extent of the data leak is currently unknown and could very well mean your passwords are compromised. As with everything else on the internet, it’s better to be safe than sorry — so a bit of a spring cleaning is in order.

The first thing you’ll want to do is reset your Stream Key. This is the code that allows anyone to stream from your account, so you can understand why you’d want to change that first.

How to reset your Twitch Stream Key

To reset your Twitch Stream Key, click your profile image in the top right and select Creator Dashboard. 

From here, pop out the Dashboard menu, select Settings Stream then hit that Reset button next to your hidden Stream Key.

stream key reset
Screenshot: Kotaku Australia

This should prevent any other parties from streaming live to your channel.

But you’ll also want to do a few more things to secure your account, like enabling two-factor authentication and changing your Twitch password. If you have any accounts linked to Twitch, ie. Amazon, you should probably change that password too.

To change your password on Twitch, click your profile image, then Settings Security and Privacy Password. 

Then scroll down and set up two-factor authentication.

How to enable 2FA on Twitch

To enable Twitch 2FA, follow the same settings to change your password: Settings > Security and Privacy, then scroll down to the Two-Factor Authentication button. Click through, add your mobile number and follow the steps to keep your account secure.

Note this won’t prevent every hack (unfortunately 2FA has its own flaws) but it’s better than a kick in the teeth, and it should mean any potential user data that may have leaked is now useless.

Whether Twitch provides you income or not, it’s a good idea to keep your account secure and make sure your data isn’t being exploited online.

It’s likely we’ll see more information about the Twitch leak in future but until we know more, it’s best to stay safe and alert for any suspicious activity on your account.

Comments

  • What is the risk of an encrypted password list being leaked?

    Can it be bruteforced in a week? A Year? A decade?

    Could twitch just force everyone to change their password on their next signin?

  • PROTIP: Changing your password will *also* change your stream key. So if you already changed your password, then you don’t need to worry about changing the stream key.

Show more comments

Log in to comment on this story!