This si so embarassing and it pointed out that we don't actually need a password. Not your key, not your access should be implemented.
What is that? lol the problem was on the twitter and it has nothing to do with the password as when the email that already used to sign up on twitter was not getting hacked and everything will be undercontrol. The problem was hacker changing all of email.