Twitter is moving to improve the security of its microblogging service with the introduction of two-factor authentication, finally meeting the demands of users of the site after endless hacks on accounts over the last few months.
The company said that the new feature will allow users to connect their Twitter accounts with a mobile phone number, which will be used to verify logins. When the user attempts to log into their account, they will be asked to provide a randomly generated code that will be sent via SMS.
Security experts have hailed the use of two-factor authentication as critical for services such as social networking platforms.
Because the system requires a one-time use code, an attacker who harvests a user's account information through a phishing attack or brute force password guess will not be able to access the account.
“Every day, a growing number of people log in to Twitter,” explained Twitter security team member Jim O'Leary.
“Usually these login attempts come from the genuine account owners, but we occasionally hear from people whose accounts have been compromised by email phishing schemes or a breach of password data elsewhere on the web.”
In order to set up the new features, users will be required to provide a verified mobile phone number and email address. The company will then send a verification message to the user in order to set up the feature. Twitter noted that the service may not work properly with certain mobile service providers.
When active, the two-factor authentication could help to curb an outbreak of attacks on high-visibility accounts. Targets including the Associated Press and the Financial Times have been targeted by attackers who retrieved credentials from phishing attacks.