After Hacks, Twitter Learns How to Two-Step … Finally
After a series of embarrassing incidents this year involving hacked Twitter accounts, the service has announced a two-step authentication method, something that could offer your social presence just the protection it needs.
Associations with worries about brand security on Twitter finally can breathe a sigh of relief.
It’s taken the service a little while to step up its security, but Twitter enabled two-step authentication this week for all users. More information here:
What it is: To put it simply, Twitter’s new login verification system uses a combination of both an email address and a verified mobile phone number to ensure that the person logging in is supposed to have access to the account. When you log in, you’ll have to type in a code sent to your phone via SMS. If you rely on one of a number of third-party apps to log in instead of the Twitter client proper, don’t worry about things getting too complicated: “With login verification enabled,” the company notes, “your existing applications will continue to work without disruption. If you need to sign in to your Twitter account on other devices or apps, visit your applications page to generate a temporary password to log in and authorize that application.” Check out the video above for further explanation.
Still unsure? Just ask Burger King, or the Associated Press, or The Onion if the extra security is a good idea. All three brands suffered damaging attacks to their social presences—and in AP’s case, it briefly affected the stock market. Mashable‘s Samantha Murphy noted the value of the service for both brands and individual users, saying the risk of being hacked may be too high for brands to ignore. “Brand hacks can cause embarrassment, spread malware, affect markets and company stock, and even damage brand reputation,” she explains. “Not to mention the time lost in recovering and issuing apologies.”
Make two-step your last line of defense: If you’re seriously concerned that your Twitter account may be attacked, consider putting a secondary layer between your account and your employees by using secondary services like HootSuite and Sprout Social. An extra layer of separation between your accounts and your employees can limit the amount of access needed to a single account by large teams. But as Twitter pointed out in a memo after the Associated Press attack, even this solution may have its weaknesses. “Even if you use a third-party platform to avoid sharing the actual Twitter account password, each of these people is a possible avenue for phishing or other compromise,” the company stated in the document, acquired by BuzzFeed. The memo also offers a number of other suggestions on Twitter account security.
Do you plan on turning on two-step authentication for your association’s social presence? Let us know your take in the comments.