Twitter plans to introduce a "two-factor authentication" option that would make it impossible for hackers or vandals to break into accounts – even if they acquired the passwords.
The "2FA" system, which is also offered as an option by Google for its Gmail email system, blocks access from new devices or internet addresses, even when using the correct password, unless accompanied by a short numerical code that is sent separately to the account owner's mobile phone.
The news comes just days after the company reset the passwords on at least 250,000 accounts, after hackers broke into its systems and were suspected of accessing users' data, including email addresses and encrypted passwords. Twitter said it reset the passwords as a safety measure, and that it was not certain whether the hackers had accessed them.
Two-factor authentication adds an extra layer of safety to any service, as well as effectively alerting the true owner when attempts are made to hijack the account. It could also have averted HMV's embarrassment last week when an intern began tweeting about mass firings at the company, leading to a brief struggle for control of the account with her boss.
When an attempt is made to log in to the account from a new device, app or unfamiliar location (as indicated by the IP address), a two-factor authentication system will prevent the login being authorised. A code will be sent to the registered user's mobile phone, and only when that has been entered in the same login page is access given to the account.
Source: The Guardian
