Twitter finally offers 2-factor authentication
Posted on 23 May 2013.
Following a slew of high-profile compromises of accounts belonging to media outlets such as AP and satirical news site The Onion, Twitter has finally implemented two-factor authentication to help prevent future ones. Unfortunately, the option is still not available to all users.

The security feature is easily turned on on the Account Settings page, and requires users to associate a mobile phone number with the account so that they could receive the verification code.

"With login verification enabled, your existing applications will continue to work without disruption. If you need to sign in to your Twitter account on other devices or apps, visit your applications page to generate a temporary password to log in and authorize that application," says Jim O'Leary of Twitter's product security team, and points out that the feature is "built on top of Twitter via SMS, so we need to be able to send a text to your phone before you can enroll in login verification (which may not work with some cell phone providers)."

Once the two-factor authentication feature has been enabled, the verification code is sent each and every time the user signs into Twitter via its website.

This first iteration of the feature does not offer persistent application passwords, and it also can't currently be used to secure more than one account.

Unfortunately for me, the feature doesn't work with my mobile operator, and I'm definitely not the only one, but let's hope that all these things will be fixed in the future.

As a side note: Kim Dotcom has chosen this moment to announce that Twitter, Google, Facebook and all other companies that have implemented two-step authentication are infringing his IP rights because of a patent he filed in 1997.


101,000 US taxpayers affected by automated attack on IRS app

The IRS has revealed more details about an attack it suffered last month, mounted by unknown individuals with the aim to file fraudulent tax returns and funnel the returned money to their own bank accounts.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Wed, Feb 10th