250,000 Twitter accounts were accessed by unauthorized sources earlier this year as part of a series of hacking attempts on several major traditional and social media outlets. China was accused of being the origin of many of these invasions, but denied any involvement in the incidents.
Regardless of who the culprits actually were, Twitter viewed the attacks as cause enough to up its security, and has now instituted an option for two-step authentication when logging on to the website. The new feature is optional for users and may even be a bit inconvenient, but adds a layer of security that hackers targeting individual accounts will find difficult to bypass. Once activated the two-step verification process will actually have users log into their accounts twice in order to sign in: once with their usernames and regular passwords, and a second time with a one-time-use passcode which Twitter will text to their cellphones.
In order to activate the new process, users will have to select the settings option from the top of the Twitter page using a desktop browser (the company’s mobile website does not seem to have this capability yet) and select the “Mobile” option to add their phone number to their account. Once that has been done, the user can go back to their general “Account” settings and check off the “Require a verification code when I sign in” option next to “Account Security.”
After the changes have been saved, Twitter will send a text message to the user’s cellphone anytime he or she tries to access an account from a new app or device; the passcode contained in that text will have to be entered in order to proceed to the user’s Twitter page. This process certainly takes longer than simply logging in through more conventional methods, and users are certainly not required to participate in two-step authentication if they would rather forgo the extra time consumption, but the inconvenience of waiting on a text comes with the reward of protecting access to one’s social media account from potential hackers in a fashion much more effective than a simple username/password combo.