Twitter Adds SMS As Second Factor Of Authentication
Phone will be second means of verifying user identity, Twitter says
![](https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/bltc94608acf452fd67/655cf371ab171e040a838b2a/329050_DR23_Graphics_Website_V5_Default_Image_v1.png?width=1280&auto=webp&quality=95&format=jpg&disable=upscale)
Twitter announced Wednesday that it will offer an SMS phone option as a second factor of user authentication.
"Every day, a growing number of people log in to Twitter," the social networking site said in a blog. "Usually these login attempts come from the genuine account owners, but we occasionally hear from people whose accounts have been compromised by email phishing schemes or a breach of password data elsewhere on the Web.
"Today we're introducing a new security feature to better protect your Twitter account: login verification," the blog states. "This is a form of two-factor authentication. When you sign in to twitter.com, there's a second check to make sure it's really you."
Twitter joins Google and other major websites in adding a second factor of authentication to their offerings this year. Google is also a member of the FIDO Alliance, which has proposed standards for replacing passwords with a more universal and secure method of authenticating users.
Observers said that Twitter's new offering will help make authentication more secure -- if users take the time to set it up.
"It's great that Twitter has released this feature, which significantly raises the bar for broad-based attacks," says Mark Risher, Yahoo's former "Spam Czar" and current CEO of security company Impermium. "As an optional feature, however, we now need to ensure that users opt-in and utilize it; two-factor does nothing if you haven't configured it in advance."
"Not all social media identities are created equal," says Entrust president and CEO Bill Conner. "Those with a material impact, such as corporate accounts, government entities, and public utilities, should be held to a higher security standard. Now that Twitter has launched an offering that account holders can opt-in to, it is the mutual responsibility of these high-profile Twitter account holders to take advantage of this security offering."
Have a comment on this story? Please click "Add a Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.
About the Author(s)
You May Also Like
CISO Perspectives: How to make AI an Accelerator, Not a Blocker
August 20, 2024Securing Your Cloud Assets
August 27, 2024