Twitter is moving to
improve the security of its microblogging service with the introduction
of two-factor authentication, finally meeting the demands of users of
the site after endless hacks on accounts over the last few months.
The company said that the new feature
will allow users to connect their Twitter accounts with a mobile phone
number, which will be used to verify logins. When the user attempts to
log into their account, they will be asked to provide a randomly
generated code that will be sent via SMS.
Security experts have hailed the use of two-factor authentication as critical for services such as social networking platforms.
Because the system requires a one-time
use code, an attacker who harvests a user's account information through a
phishing attack or brute force password guess will not be able to
access the account.
“Every day, a growing number of people log in to Twitter,” explained Twitter security team member Jim O'Leary.
“Usually these login attempts come from
the genuine account owners, but we occasionally hear from people whose
accounts have been compromised by email phishing schemes or a breach of
password data elsewhere on the web.”
In order to set up the new features,
users will be required to provide a verified mobile phone number and
email address. The company will then send a verification message to the
user in order to set up the feature. Twitter noted that the service may
not work properly with certain mobile service providers.
When active, the two-factor
authentication could help to curb an outbreak of attacks on
high-visibility accounts. Targets including the Associated Press and the Financial Times have been targeted by attackers who retrieved credentials from phishing attacks.
No comments:
Post a Comment