Twitter begins rollout of two-factor authentication to limit account takeovers

Share this article:
Twitter begins rollout of two-factor authentication to limit account takeovers
Twitter begins rollout of two-factor authentication to limit account takeovers

Twitter has enabled two-factor authentication, the company announced Wednesday.

"Every day, a growing number of people login to Twitter," Jim O'Leary of Twitter's Product Security Team wrote in a blog post. "Usually these login attempts come from the genuine account owners, but we occasionally hear from people whose accounts have been compromised by email phishing schemes or a breach of password data elsewhere on the web."

The functionality will work similar to the way it does on Gmail.

Users opt in to the additional security feature in the "Settings" page and add a cell phone number. Then, each time they login to their account using their normal credentials, they are prompted to enter a six-digit verification code, which is sent via SMS to that phone number.

"With login verification enabled, your existing applications will continue to work without disruption," O'Leary wrote. "If you need to sign in to your Twitter account on other devices or apps, visit your 'Applications' page to generate a temporary password to login and authorize that application.'

Twitter has faced pressure to deploy two-factor capability in light of a number of highly publicized account takeovers, including one that targeted The Associated Press. In that case, the attackers, from the "Syrian Electronic Army," sent a tweet claiming there had been a bombing at the White House and President Obama was injured.

Not everyone is convinced, however, that an additional mode of authentication would be able to stop a dedicated hacker.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

ISSA tackles workforce gap with career lifecycle program

ISSA tackles workforce gap with career lifecycle program ...

On Thursday, the group launched its Cybersecurity Career Lifecycle (CSCL) program.

Amplification DDoS attacks most popular, according to Symantec

Amplification DDoS attacks most popular, according to Symantec

The company noted in a whitepaper released on Tuesday that Domain Name Server amplification attacks have increased 183 percent between January and August.

Court shutters NY co. selling security software with "no value"

A federal court shut down Pairsys at the request of the Federal Trade Commission.