Security finally matters to Twitter

J. Rae Chipera

Hang on for a minute...we're trying to find some more stories you might like.


Email This Story






An unwritten rule of social media is that unless a problem affects powerful people, it doesnt matter. While other sites have two-step authentication to make their networks secure, Twitter’s equivalent is still being tested.

Im a verified user and new feature tester on social media sites. I watch social platforms to ensure they are acting within the best interest of users.

Twitter Inc. has a problem with security, and until recently, they haven’t seemed to care.

Hackers compromised the Associated Press’ Twitter account on April 23, posting a fake Tweet that stated two bombs went off at the White House and the president had been injured.

Prior to the AP hack, both Justin Biebers profile and BBC Weather were hacked (among others). Afterward, CBS News confirmed that two of its Twitter accounts were compromised. Now that security issues affect a celebrity, the media and the government, writing code in the interest of user security is on the to-do list at Twitter.

Most social sites, including Facebook and Google+, have an option called “two-step authentication.” Even the notoriously hacked Yahoo Mail has it.

When users enable it, the site will request a PIN and send it to the user via text message or phone call. If the user’s profile is accessed on a computer that is not verified as one he or she uses, a hacker would need to compromise the user’s phone in addition to getting the password in order to flank two-step verification.

Twitter is working on a two-step security feature, but a release date beyond “soon” hasn’t been provided.

Google released their two-step feature to the public in Feb. 2011, but the authentication project started around Sept. 2010. Twitter posted job openings for development of the security feature in February. Therefore, it will likely be at least another few months before it becomes available.

Two-step verification has flaws, and a better solution to security issues should be invented.

Users who are traveling abroad or out of range of cell towers would probably deactivate the feature. Without cell reception, the PIN cannot be received and the user would be locked out of his or her account. If someone were to immigrate, that lockout could be permanent.

International commuters probably don’t use the paramount feature. They can, but it’s expensive. The PIN could be sent to two mobile numbers, or even a backpack full of phones if the user travels frequently. A user can also pay for international cell use or spend the fortune on an iridium phone.

Since Twitter is over two years behind everyone else in security issues, its developers would be wise to release a better option than what Google and Facebook (and virtually every other site) already have —- perhaps a new innovative, cost-effective way to account for the cross-border dilemma.

However, Twitter is not likely to develop anything new.

Print Friendly, PDF & Email