Twitter Investigates Increased Security After Password Hack
By Alistair Charlton | February 5, 2013 3:44 AM EST
Twitter is looking to invest in increased security following the hacking of 250,000 accounts over the weekend, as the social network looks for a software engineer to create multi-factor authentication.
Two-factor (or multi factor, as Twitter calls it) authentication means that it would be impossible for a hacker to gain remote access to your account, even if they knew the password, because every time the account is accessed from an unfamiliar device the account owner is informed and challenged with an automated text message.
Google already has two-factor authentication with Gmail, preventing you from accessing your account from an unrecognised device without you entering your password along with a numerical code sent to you by text; the hacker would need your password and access to your phone before the account could be compromised.
However this is not the default setting on Gmail and has to be enabled by each user.
The Twitter job listing for a software engineer in product security is based at the company's San Francisco offices and lists under opportunities: "Design and develop user-facing security features, such as multifactor authentication and fraudulent login detection."
On 1 February Twitter announced that it had been the victim of a cyber attack in which 250,000 account passwords were compromised. Passwords for the affected accounts were reset by Twitter, and emails sent to users, prompting them to create a new password.
"This attack was not the work of amateurs," Twitter said "and we do not believe it was an isolated incident. The attackers were extremely sophisticated, and we believe other companies and organisations have also been recently similarly attacked."
Twitter added that it was working with government and federal law enforcement authorities to trace those behind the attacks, and took the opportunity to remind its 200 million users to follow "good password hygiene" on Twitter and elsewhere on the web.
Graham Cluley, senior technology consultant at Sophos, told the Guardian that the added security would be "a splendid idea - I'm looking forward to it.
"It's something that we've wanted for some time. We've often said we would be prepared to pay for it - Twitter could monetise it by offering it to corporations and branded accounts. It would be pretty attractive."
There is no indication from Twitter that it plans to charge for added security - or indeed that multistage authentication is coming soon - but its growing appeal to brands, companies and personal users alike will no doubt make added security essential in future updates.
To contact the editor, e-mail:
Join the Conversation
- 5 Proofs Russia is Geared-Up for Shooting War with U.S. and Can Win Future Nuclear Showdown
- Target’s ‘Surprise Doorbusters’ Black Friday 2014 Deals On TV Sets, Entertainment Centres, DVD Players And More
- IKEA Black Friday 2014 Ad Includes Discounts On Home Furnishings, Appliances, Kitchen Designs, Beds, Sofas, Mattresses And Toys
- T-Mobile’s Black Friday 2014 Deals On Apple iPhone 6, Samsung Galaxy Note 4/Edge, Nexus 6, HTC One M8, LG G3, iPad Air 2 And Mini 3
- Black Friday And Cyber Monday Sale 2014: AT&T's Cricket Wireless Offers Discounts On Lumia 1320, Galaxy S5, S4 And HTC Desire 510
- ISIS Drug Transit From Afghanistan To Europe Confirmed By Russia: Money Goes Into Terror Funding And In New Recruitments
- ISIS Kidnaps Iraqi Defence Minister’s Family, Executes Female Parliament Candidates