In wake of hack, Twitter reportedly testing two-step verification - Los Angeles Times
Advertisement

In wake of hack, Twitter reportedly testing two-step verification

Twitter is said to be internally testing two-step verification for its service.
(Kimihiro Hoshino / AFP/Getty Images)
Share via

Twitter is working on a two-step verification security method that could make it more difficult for hackers to take over users’ accounts, according to a report.

Wired said Wednesday that the San Francisco-based social network is internally testing the security solution, which requires users to enter a special code sent to their smartphones whenever they log in from a computer or device they don’t normally use.

The news comes one day after hackers managed to hijack multiple Twitter accounts belonging to the Associated Press to tweet fake news. Hackers also took over the account of “60 Minutes” last weekend and multiple accounts belonging to NPR last week.

Advertisement

PHOTOS: The top smartphones of 2013

An Associated Press reporter said Tuesday that the news organization was hacked shortly after various staffers received phishing emails. Those emails are sent by hackers with the intention of tricking people into revealing their logins and passwords.

Two-step verification is useful because even if a phishing scheme is successful, a hacker must still obtain the code sent to users in order to access the account. Google and Facebook are two organizations that already offer their users two-step verification.

Advertisement

Wired said it’s unclear when Twitter will release the security feature to users, but it is expected to do so in phases. It may start with just a few users or with a few high-profile accounts. When asked about two-step verification, Twitter said it had nothing to share at this time.

Although two-step verification could decrease the amount of high-profile hacks, some have expressed concern about whether the method is a good fit for Twitter.

Jim Fenton, chief security officer for OneID, an online security provider, said he has doubts organizations will even use two-step verification because many times, Twitter accounts are handled by multiple people.

Advertisement

“Imagine every time someone wants to tweet, the one person with a registered device has to be sent an SMS message and enter a code to access the account,” he said in a statement. “It becomes a pretty significant roadblock to productivity.”

ALSO:

MetroPCS shareholders approve takeover by T-Mobile

Apple’s record $60-billion stock buyback cheers investors

Apple posts solid revenue, first quarterly profit drop since 2003

Advertisement