Twitter begins rollout of two-factor authentication to limit account takeovers

Share this article:
Twitter begins rollout of two-factor authentication to limit account takeovers
Twitter begins rollout of two-factor authentication to limit account takeovers

Twitter has enabled two-factor authentication, the company announced Wednesday.

"Every day, a growing number of people login to Twitter," Jim O'Leary of Twitter's Product Security Team wrote in a blog post. "Usually these login attempts come from the genuine account owners, but we occasionally hear from people whose accounts have been compromised by email phishing schemes or a breach of password data elsewhere on the web."

The functionality will work similar to the way it does on Gmail.

Users opt in to the additional security feature in the "Settings" page and add a cell phone number. Then, each time they login to their account using their normal credentials, they are prompted to enter a six-digit verification code, which is sent via SMS to that phone number.

"With login verification enabled, your existing applications will continue to work without disruption," O'Leary wrote. "If you need to sign in to your Twitter account on other devices or apps, visit your 'Applications' page to generate a temporary password to login and authorize that application.'

Twitter has faced pressure to deploy two-factor capability in light of a number of highly publicized account takeovers, including one that targeted The Associated Press. In that case, the attackers, from the "Syrian Electronic Army," sent a tweet claiming there had been a bombing at the White House and President Obama was injured.

Not everyone is convinced, however, that an additional mode of authentication would be able to stop a dedicated hacker.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Study: Canada C-Suite execs say companies prepared for threats

A survey of Canadian business execs found that just over a quarter had experienced a cyber attack.

PHP vulnerabilities patched

Developers patched multiple vulnerabilities in PHP that would have allowed remote code execution.

Pennyslvania man sentenced after 'swatting' prank

Pennyslvania man sentenced after 'swatting' prank

David Barnhouse was sentenced to 18 months in prison after he hacked into a neighbor's Verizon FiOS router to post a bomb threat on a Pennsylvania mall's website.