Twitter mulls implementing two-factor authentication

Twitter mulls implementing two-factor authentication

Summary: After a sophisticated attack hit Twitter's users on the weekend, the micro-blogging platform is looking to hire a software engineer to help implement two-factor authentication.

TOPICS: Security

Twitter may have two-factor authentication in the works for its micro-blogging platform to increase its security.

According to a job advertisement, as first spotted by the Guardian, Twitter is looking for a software engineer to fit in to its product security division.

One of the responsibilities for the new engineer will be to "design and develop user-facing security features, such as multifactor authentication and fraudulent log-in detection." The job listing also says that the new engineer's work will "directly impact the security of hundreds of millions of Twitter users."

Other companies have been gradually introducing multi-factor authentication in the past few years. These include Google, Facebook, Yahoo, Amazon Web Services, Dropbox, Blizzard's Battle.Net, and Valve's Steam.

The security measure works in conjunction with users' username and passwords, requiring a third factor of authentication in the form of entering information from a hardware or software token, or a message received via SMS. Unlike regular passwords, the additional factor of authentication is only valid for a short period of time and cannot be chosen by the user. This eliminates the ability for attackers to brute force the additional code and saves users from making poor token selection choices.

Twitter's security has only recently been tested by hackers that Twitter claims were "extremely sophisticated." Over the weekend, it was forced to reset the passwords of over 250,000 users. It wrote on its blog that it "detected unusual access patterns that led to us identifying unauthorized access attempts to Twitter user data," including one attack that was still "live" upon discovery.

Topic: Security

Michael Lee

About Michael Lee

A Sydney, Australia-based journalist, Michael Lee covers a gamut of news in the technology space including information security, state Government initiatives, and local startups.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • Twitter mulls implementing two-factor authentication

    why don't they use and external system?
  • so many attacks....

    There have been and will continue to be a lot of cyber attacks worldwide. Additional security measures such as this two-factor authentication method, should be mandatory for any business and government that is serious about their security.