Twitter looks to increase security after recent hack

email article email article print article print article tip @techmeme

Twitter logo

When 250 000 of your accounts are hacked, you know it’s time to step up security. In the wake of the attack late last week that exposed hundreds of thousands of Twitter usernames, email addresses, session tokens and encrypted passwords, the social network is recruiting engineers to focus on implementing multifactor authentication and locate potential weak spots in its system.

According to a job listing, Twitter is interested in building “a more secure platform and user experience.” During the recent “sophisticated” attack (which Twitter suggests may be linked to the security breaches at the New York Times and Wall Street Journal), the company tracked down one live connection attempting to access user data, but estimates that the hackers could have been accessing information for thousands of users before the usual log in attempts were spotted by its team. Which is probably why it’s looking for someone to work on “multifactor authentication and fraudulent login detection”. It seems that captcha you see after too many failed log in attempts just isn’t cutting it any more.

Although the hack only affected a small percentage of the social network’s 200-million active users (and the affected account holders were notified shortly after Twitter figured out what was happening), it seems the company is working on implementing extra layers of security. One form of multifactor authentication, for example, could require users to enter a code SMSed to their phones when they try to log into Twitter from a new location or unfamiliar device.

It’s a system that is already available on other web services, like Gmail, and makes it more difficult for hackers to access your account with just a password — they’d need your phone too. It also serves to alert the owner that someone is trying to access their account from a strange computer or mobile device.

Until Twitter rolls out the option though, the most you can do is change your password to something long, unique and complicated. It also stands behind a recent security advisory that recommends you disable any Java plugins that may be active in your browser.

email article email article print article print article

Most popular articles

Topics for this article

[ advertising enquiries ]

Share
  • BURN MEDIA TV

    WATCH THE LATEST EPISODE NOW
    Latest Episode
    Unboxing the Acer Chromebook C720P

MORE HEADLINES

news

VIEW MORE

interviews

VIEW MORE

future trends

VIEW MORE

entrepreneurship

VIEW MORE

social media

VIEW MORE

facebook

VIEW MORE

twitter

VIEW MORE

google

VIEW MORE

advertising & marketing

VIEW MORE

online media

VIEW MORE

design

VIEW MORE

mobile

VIEW MORE

More in Twitter

Twitter buys social TV analytics company Bluefin Labs

Read More »