Skip to main content

Are you a legal professional? Visit our professional site

Please enter a legal issue and/or a location
Begin typing to search, use arrow keys to navigate, use enter to select

We Asked and We Received: Twitter Gets Two-Factor Authentication

By William Peacock, Esq. on May 23, 2013 1:14 PM

Twitter was atwitter yesterday with news of a big change to the site’s security protocols: users can now choose to enable two-factor authentication. That’s big news for everyone, even if you don’t use the social media site. After all, remember that fake tweet by a hacker that caused the stock market to briefly nosedive?

The new feature, which must be enabled by individual users, requires two steps to log in. You first enter your password (as always). Second, the system sends you a text message with a six-digit code that must be entered to get access to the account. It begs two very important questions: what about organizations and what about third-party tweeting apps?

Big Organizations

The big Twitter hacks that caused national panic (or, when The Onion was hacked, Internet hilarity) weren't of individual users. If your account gets hacked, you'll most likely just tweet spam or viruses. That's bad, but not stock-market-collapse-bad. When Syrian hackers tweeted a false alert about an explosion killing the president on the Associated Press' Twitter account, it had a much more significant impact.

Of course, the phone-text-trick works great with users. It only adds a few seconds to the log in process and instantly makes your account much more secure. But what about organizations? Do you assign your social media chief's phone number to the account? What if they are on vacation and someone else needs to log in?

Third Party Apps

Many people use third-party apps to read, write, and schedule their tweets, as once you have more than a handful of people in your network, your tweet feed can get a bit overwhelming. For these apps, you have to visit the Twitter applications page, which will generate a temporary password to use when logging in to the app.

The Solution ... and a New Problem?

Perhaps this will be the solution for organizations. Manage your tweets through an outside application and then, if the social media guru is in Hawaii, you can get a temporary password to use on the app. Then again, what's to stop a hacker, who cracks your password (much like they did to the AP), from just using the temporary password feature to send tweets to your account through third-party apps?

Ah, forget it. You'd probably be better off hiring this guy to guard your account.

Related Resources:

You Don’t Have To Solve This on Your Own – Get a Lawyer’s Help

Meeting with a lawyer can help you understand your options and how to best protect your rights. Visit our attorney directory to find a lawyer near you who can help.

Or contact an attorney near you:
Copied to clipboard

Find a Lawyer

More Options