Twitter May Be Getting More Serious About Two-Factor AuthenticationBy: Josh Wolford - February 4, 2013
Is Twitter ramping up their efforts to implement two-factor authentication to make your accounts more secure?
Two-factor authentication (2FA), generically, is any approach to authentication that has multiple layers. Around the web (like with Google for instance), it is usually applied with a combination of a password and mobile alert. When a new device/location attempts to log on to a Google account, not only is a password required but so is a secondary authentication code sent to a user’s mobile device.
This way, an unauthorized user would not only have to obtain your password, but also your phone in order to access your account. It’s simply another layer of security, and one that companies like Google say “drastically reduces” the chances of a bad guy getting their hands on your personal info.
The Guardian points to a job posting on Twitter’s employment site. The post is for a full-time software engineer in the specialized area of product security. Among the duties of said position is to “design and develop user-facing security features, such as multifactor authentication and fraudulent login detection.”
As you may remember, Twitter made a pretty bad screw-up last November when they accidentally reset a bunch of passwords for accounts that hadn’t actually been compromised, following a hack that did see some accounts compromised.
Like any online service, Twitter accounts are vulnerable to being compromised and used for nefarious purposes – whether that be malicious spam messages or simply hijacking tweets in order to expose or embarrass.
In the past, Twitter has stated that they’ve “certainly explored two-factor authentication,” but to date the company has made no public declarations of intent. While this job posting is far from conclusive evidence that Twitter plans to implement 2FA, it does suggest that they are looking for personnel that could possibly draw up such a system.