Twitter adds SMS password reset option and suspicious logins notification

Forgot your Twitter password? You can now request an SMS code from Twitter to start the process.
Written by Liam Tung, Contributing Writer
2014-05-09 01.29.44 pm

Twitter users who have forgotten their password will now be able to reset their key via SMS codes, thanks to a new feature to remove login obstacles.

The feature comes in addition the traditional email password reset mechanism for Twitter, bringing it up to par with Google, which has enabled SMS-based password recovery since 2009.

To enable password resets via SMS, Twitter users will need to register their mobile number with their account. If they've forgotten their password, they'll be able to go to the standard 'Forgot password?' page and enter or their mobile number or username.

Twitter will then send a six digit code that expires after 15 minutes, which the user inputs to a web page before being prompted to pick a new password.

Twitter has troubleshooting advice here for users that run into difficulty.

"The new process lets you choose the email address or phone number associated with your account where you'd like us to send your reset information. That way, whether you've recently changed your phone number, or are traveling with limited access to your devices, or had an old email address connected to your Twitter account, you've got options," Twitter said in a blogpost on Thursday.

Twitter has also stepped up its game on suspicious logins, also something that Google began doing back in 2010. The company will be looking at location, which device is being used, and login history, among other things to determine what’s suspicious.

"We're aware that many people reuse the same passwords across multiple sites. And when any of these sites are compromised, stolen passwords could be used to access your account on Twitter," the company said.

When a dodgy login is detected, Twitter will ask the user a secret question about their account before granting access. It will also send an email notification that it has detected unusual activity.

Read more on Twitter

Editorial standards