Days after Twitter reset 250,000 account passwords after a hacker attack, it has emerged that the microblogging...
service plans to strengthen its login security with two-factor authentication.
The move is aimed at making it impossible for hackers to break into accounts, even if they obtain user passwords.
Last week Twitter reset the passwords of 0.13% of its users as a precaution because of uncertainty about whether or not hackers had accessed the encrypted passwords of account holders.
Google already offers a similar two-factor authentication system for its Gmail service that requires a code sent to an account holder’s mobile phone as well as a password to grant access.
Last August, Dropbox announced it was to implement two-factor authentication and create a webpage so users can track logins. Dropbox made the changes after attackers used stolen passwords to access user accounts.
Read more about two-factor authentication
- Limitations of two factor authentication (2FA) technology
- Dropbox to implement two-factor authentication after security breach
- Two-factor authentication alternatives
- Enterprise mobile access: Considerations for two-factor mobile authentication
- Alternative authentication: New authentication methods for enterprises
- Secure tokens: Preventing two-factor token authentication exploits
The new Twitter system will be activated if any attempt is made to access their account from a device or location they have not used before. It will require a one-time access code to open the login page.
Twitter said the successful candidate will have the opportunity to design and develop user-facing security features, such as multifactor authentication and fraudulent login detection.
The addition of another layer of security around logins is the latest in a series of moves from Twitter to protect its users from unauthorised access to accounts.
Last August, Twitter added secure sockets layer (SSL) connectivity to its website and third-party apps to ensure users' credentials could not be captured from open Wi-Fi networks.