14 DAY TRIAL // After a few months of speculation and rumor, Twitter is finally unveiling its two-factor authentication system. We've known it was working on it, thanks to a job ad, but Twitter never actually acknowledged it explicitly.
But the feature is here now, finally making Twitter accounts more secure. Considering the long, long string of Twitter account hacks that have been plaguing news organizations and big companies alike, the feature will be very welcome.
Too bad though that it's precisely these large organizations that are going to find it the least useful.
"Today we’re introducing a new security feature to better protect your Twitter account: login verification," the company explained.
"This is a form of two-factor authentication. When you sign in to twitter.com, there’s a second check to make sure it’s really you. You’ll be asked to register a verified phone number and a confirmed email address," it added.
Enabling the feature is simple enough, just go to the Accounts Settings page on Twitter and select "Require a verification code when I sign in."
You'll be asked to provide a phone number where the codes will be sent, enter the code you receive and that's it. Then, when you log into Twitter from a new browser or device, you'll have to provide the code again.
Existing apps you have hooked up to Twitter won't be affected by this, but you'll have to generate temporary, unique passwords for each new app you link to your account, much like Google's application-specific passwords.
The entire system is very much like Google's, except for the fact that it only works via SMS and not a dedicated authentication app.
The feature should be great for regular users and should significantly improve the security of their accounts.
Organizations where more people share one account won't be so thrilled because, obviously, because they can only use one phone between employees.
However, this shouldn't actually be much of a problem since these organizations regularly use Twitter clients rather than the standard web version of Twitter. These client apps will have a unique password each, a password that can't be used anywhere else.
