After a number of high-profile and embarrassing Twitter feed hackings, the tweeps over at Twitter realized that they need to join every other online service that has moderate importance in users’ lives and implement two-factor authentication already. If it’s good enough for our bank accounts and our Gmail, it’s good enough for our joke-delivery service, right?
Two-factor authentication is what you should have turned on for important things like…well, like your personal e-mail and your bank accounts, like I said in that last sentence. The idea is that you log in using a regular old password, and then a second piece of ID that proves you have access to something other than a regular old password. You might have to produce a code from a smartphone app, or a numeric code sent to your authenticated phone number or e-mail address.
Twitter has the advantage that it began as a phone-based service, which is where the 140-character limit originally came from
They produced a handy video showing users how to set up the extra security, if that’s what they want to do.
Of course, the service isn’t meant for regular old Twitter users like you or me with just a few dozen or a few hundred followers, some of whom may not even be spambots. It’s for high-profile accounts with lots and lots of followers like The Onion or the Associated Press. There’s a flaw inherent in this: accounts that belong to companies and to media outlets are usually shared. It’s sort of hard to set up mobile-based two-factor authentication for an account that a number of people share, but these colleagues probably don’t share a smartphone.
Twitter Introduces Two-Step Authentication [Mashable]