Twitter is working on two-factor authentication—a security feature already used by Google and others—after last week’s hack of 250,000 passwords.
Twitter is apparently working on a way to make logins more secure.
The company is hiring a software engineer, product security, whose duties will include designing and developing security features for users. Among the examples given is “multifactor authentication and fraudulent login detection,” as the Guardian noted.
Other companies such as Google and Facebook employ multifactor authentication (or two factor authentication), which typically involves sending a secondary security code to your phone when you are—or someone else is—trying to log into your account from a new device or an unfamiliar location as determined by your IP address. You then need to enter that code into the system to complete the login process.
Adding this secondary code would make it much more difficult for hackers to gain access to your account. There are other ways to lock down user accounts on the Web, such as offering security questions each time you log in, but answering things like “what’s your pet’s name?” doesn’t really cut the mustard anymore when we all share such information with the world on Facebook.
Last February, Twitter activated the Secure HTTP protocol for everyone, meaning that browsing Twitter would be more secure when you’re on a public Wi-Fi network, for instance. However, that wouldn’t stop anyone from gaining access to your account if they had your password through other nefarious means. Meanwhile, the way in which Twitter deals with multiple attempts to guess users’ passwords meant hackers were able to force their way into some accounts by guessing passwords.
Twitter revealed last week that it reset the passwords on 250,000 accounts after hackers gained access to its systems and may have accessed some users’ personal information, including passwords. A multifactor authentication system would certainly keep hackers away from your account, even if they did manage to snag your other credentials.
Photo by Stew Dean/Flickr
Pure, uncut internet. Straight to your inbox.