Following several high-impact password breaches, Twitter could introduce two-factor authentication (2FA) on its website.
The rumour was all but confirmed through a job listing, looking for a software engineer in product security, with experience in areas such as “multifactor authentication and fraudulent login detection”.
Just last week, 250,000 Twitter accounts had their passwords reset, after Twitter detected a breach of its servers, in which usernames, email addresses, session tokens and encrypted versions of passwords were compromised. According to Twitter, there’s no telling how many users actually had their details accessed, or who carried out the attack.
It has also emerged today that Twitter will pay around $70 million to acquire Bluefin Labs, a social TV analytics company. The new resources could be used to improve the relationship with TV content providers and further develop Twitter’s ‘second screen’ functionality.
Two-factor authentication is an authentication method which requires the presentation of at least two out of three factors: a knowledge factor (such as a password or PIN) and a possession factor (such as a keycard or a smartphone) or another inherent factor (like a fingerprint or eye iris pattern). Twitter hasn’t officially confirmed it will introduce 2FA, but in light of recent cyber attacks, several analysts agree it is the reasonable thing to do.
Two-factor authentication would have prevented any widespread account compromise on the micro-blogging platform last week. With 2FA, even if the password is stolen, no one besides the original owner will be able to access the account.
Google and Microsoft have already introduced a form of 2FA. For example, if a user attempts to log into Gmail from an unfamiliar device, Google could send a confirmation request to the phone linked to the account in question.
“It’s something that we’ve wanted for some time,” Graham Cluley, senior technology consultant at Sophos, told the Guardian. “We’ve often said we would be prepared to pay for it – Twitter could monetise it by offering it to corporations and branded accounts. It would be pretty attractive.”
Some analysts have pointed out that two-factor authentication is not without its drawbacks. For example, losing the physical token “will be a pain, just like losing a key for a physical lock would be,” writes Brian Proffitt from ReadWrite.
How well do you know Twitter? Take our quiz!
Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector
Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…
Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…
Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…
Explore the future of work with the Silicon In Focus Podcast. Discover how AI is…
Executive hits out at the DoJ's “staggering proposal” to force Google to sell off its…