Anyone in government, business or media who manages a high-profile Twitter account should immediately take advantage of a new login verification feature made available Wednesday.
The social media microblogging firm announced on its official blog that a form of two-factor authentication is now available to users.
Such a system could have, in theory, stopped hackers like the Syrian Electronic Army, who have in recent months taken credit for the hacking of The Associated Press, The Financial Times, NPR, 60 Minutes, as well as BBC’s weather service, FIFA President Sepp Blatter, rights group Human Rights Watch and French news service France 24.
Two-factor authentication works by sending registered users a six-digit code in a text message (or in an e-mail) that they must enter before any attempt to log in to Twitter. As the announcement phrases it, this is a “second check to make sure it’s really you.”
In practice, a hacker would need not only to have guessed or brute-forced your Twitter password, but would also need to be in possession of your phone or have penetrated your e-mail.
The system is available on Google and some other online products, but previously was not available on Twitter.
“Of course, even with this new security option turned on, it’s still important for you to use a strong password and follow the rest of our advice for keeping your account secure,” reminds the Twitter blog post written by Jim O’Leary, a member of Twitter’s product security team.
Just go to “Settings” from the Twitter.com site, click on the “Account” menu, and scroll down to the “Account Security” option and check the box “Require a verification code when I sign in.” You will need to register a phone before continuing (there’s a step-by-step video, that shows users how to perform these steps), but it’s probably worth it for that extra peace of mind, so long as you don’t mind the hassle.