Twitter strengthens login security after hacker attack

News

Twitter strengthens login security after hacker attack

Warwick Ashford

Days after Twitter reset 250,000 account passwords after a hacker attack, it has emerged that the microblogging service plans to strengthen its login security with two-factor authentication.

The move is aimed at making it impossible for hackers to break into accounts, even if they obtain user passwords.

Last week Twitter reset the passwords of 0.13% of its users as a precaution because of uncertainty about whether or not hackers had accessed the encrypted passwords of account holders.

Google already offers a similar two-factor authentication system for its Gmail service that requires a code sent to an account holder’s mobile phone as well as a password to grant access.

Last August, Dropbox announced it was to implement two-factor authentication and create a webpage so users can track logins. Dropbox made the changes after attackers used stolen passwords to access user accounts.

The new Twitter system will be activated if any attempt is made to access their account from a device or location they have not used before. It will require a one-time access code to open the login page.

The move to a two-factor authentication system was signalled by a Twitter job offer for a software engineer, according to the Guardian.

Twitter said the successful candidate will have the opportunity to design and develop user-facing security features, such as multifactor authentication and fraudulent login detection.

The addition of another layer of security around logins is the latest in a series of moves from Twitter to protect its users from unauthorised access to accounts.

Last August, Twitter added secure sockets layer (SSL) connectivity to its website and third-party apps to ensure users' credentials could not be captured from open Wi-Fi networks.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy