Called Login Verification, the new system gives Tweeters the choice of having a verification code sent to their mobile every time they log in to Twitter.
The users will then be able to enter a six-digit code sent via SMS, a system designed to provide a second check on top of a regular password to help ensure only authorized users log in.
The move comes after a spate of security scares for Twitter, including one high-profile incident that sent Wall Street shares tumbling, after someone hacked the Associated Press Twitter account and tweeted that Presdent Obama had been assassinated.
The new security measures are available right now and can be turned on from a user's account settings page.
|
|
Even with the new security feature turned on, however, users should still use a strong password and follow the site's advice for keeping accounts secure, Twitter said.
Some are skeptical that the change would be enough, however.
“You can’t close all of the gaps with just one step,” said Mark Risher, a co-founder of Impermium, a security start-up.
“People may not turn this on because it’s a hassle. And even when it is turned on, there are vulnerabilities.”
“[But] it still raises the bar, and makes hacking into an account significantly harder,” he said.
Meanwhile NZ-based Megaupload founder Kim Dotcom has laid claim to being the inventor of two-factor authentication, tweeting yesterday that Twitter's move to offer two-step authentication was a "massive IP infringenement" on what he claimed were his innovation and patent.
Big reveal: 1 billion+ Two-Step-Authentications on the Internet weekly.I invented it. Here's proof: google.com/patents/US6078…
— Kim Dotcom (@KimDotcom) May 22, 2013
Online reports are saying Dotcom's patent is assigned to him under his previous name, Kim Schmitz, and is filed in the United States and the European Union.
It covers a "method for authorising in data data transmission and communications systems" and the patent, US6078908, was filed in April 1998 and published in June 2000.
