Following several high-impact password breaches, Twitter could introduce two-factor authentication (2FA) on its website.
The rumour was all but confirmed through a job listing, looking for a software engineer in product security, with experience in areas such as “multifactor authentication and fraudulent login detection”.
Just last week, 250,000 Twitter accounts had their passwords reset, after Twitter detected a breach of its servers, in which usernames, email addresses, session tokens and encrypted versions of passwords were compromised. According to Twitter, there’s no telling how many users actually had their details accessed, or who carried out the attack.
It has also emerged today that Twitter will pay around $70 million to acquire Bluefin Labs, a social TV analytics company. The new resources could be used to improve the relationship with TV content providers and further develop Twitter’s ‘second screen’ functionality.
Two-factor authentication is an authentication method which requires the presentation of at least two out of three factors: a knowledge factor (such as a password or PIN) and a possession factor (such as a keycard or a smartphone) or another inherent factor (like a fingerprint or eye iris pattern). Twitter hasn’t officially confirmed it will introduce 2FA, but in light of recent cyber attacks, several analysts agree it is the reasonable thing to do.
Two-factor authentication would have prevented any widespread account compromise on the micro-blogging platform last week. With 2FA, even if the password is stolen, no one besides the original owner will be able to access the account.
Google and Microsoft have already introduced a form of 2FA. For example, if a user attempts to log into Gmail from an unfamiliar device, Google could send a confirmation request to the phone linked to the account in question.
“It’s something that we’ve wanted for some time,” Graham Cluley, senior technology consultant at Sophos, told the Guardian. “We’ve often said we would be prepared to pay for it – Twitter could monetise it by offering it to corporations and branded accounts. It would be pretty attractive.”
Some analysts have pointed out that two-factor authentication is not without its drawbacks. For example, losing the physical token “will be a pain, just like losing a key for a physical lock would be,” writes Brian Proffitt from ReadWrite.
How well do you know Twitter? Take our quiz!
After axing 31 percent of its workforce when it failed to be acquired by Amazon,…
Mozilla Foundation axes 30 percent of its staff, and is eliminating its Advocacy Division that…
Improving security. Mandatory multi-factor authentication (MFA) is coming to the Google Cloud by the end…
New AI assurance platform from UK government will help businesses ensure they can safely develop…
Protecting kids? Australian government confirms plan to implement restriction on social media for children under…
Canada ordered China's TikTok business in the country to be dissolved over national security risks,…