Twitter double-locks its password security with spammer-foiling defenses

Twitter has added more security measures to its site – making password resets easier, and making it trickier for cybercriminals to log in to accounts, according to a blog post from the company.

The network faced a year of severe and highly public attacks on media accounts last year – including one where hackers posted a false Tweet claiming there had been multiple explosions at the White House. The Tweet caused chaos, briefly wiping 143 points off the Dow Jones as traders panicked, as reported by the LA Times.

Twitter now allows users to reset passwords via SMS – a useful measure particularly in developing countriees – and now offers an improved system to identify and block suspicious logins, according to ZDNet’s report. Much like Google’s system, Twitter will now identify user logins deemed suspicious by tracking location and login histrory.

Media organisations and celebrities such as Justin Bieber faced regular attacks by so-called “hacktivist” groups last year, with a fake Tweet posted via E! Online claiming the star was gay – which went viral with more than 1,000 retweets. The star’s own Twitter account was also hacked this year, as reported by We Live Security

Twitter will now allow users to reset their password via SMS – aimed at helping travellers, and those on the move. In its blog post, the company said, “The new process lets you choose the email address or phone number associated with your account where you’d like us to send your reset information.

“That way, whether you’ve recently changed your phone number, or are traveling with limited access to your devices, or had an old email address connected to your Twitter account, you’ve got options. We’ve also made it easier to reset a lost password on your iOS or Android device and have added some customized tips to help you strengthen your account security in the future.”

The new process requires users to have registered a phone number with the service. The password reset page now includes an option to reset via SMS. V3 reports that this option is “increasingly common” among services giving the example of Google Apps.

Twitter said, “If we identify a login attempt as suspicious, we’ll ask you a simple question about your account — something that only you know — to verify that your account is secure before granting access. We’ll also send you an email to let you know that we’ve detected unusual activity so you can update your password if need be.”

In the wake of a spate of hacktivist attacks last year, Twitter offered guidelines to media organisations – including those using a PC separate from the office network for its twitter account – to help defend against malware.

Author Rob Waugh, We Live Security

Follow Us

Automatically receive new posts via email:

Delivered by FeedBurner

4 articles related to:
Hot Topic
09 May 2014
ESET Virus Radar

Archives

Select month
Copyright © 2014 ESET, All Rights Reserved.