There’s a lot about network security that’s in the hands of unseen engineers. But the part that may be the most vulnerable is in our hands, as everyday (phone, tablet, computer) users.
Twitter just made it a little easier for us to protect our accounts, if we choose to. It’s a system called two-factor or two-step authentication. It means that logins have two steps, not just one.
In a blog post announcing the feature, Twitter explained that with this system we will need to have our mobile devices with us in order to log in.
“After you enroll in login verification, you’ll be asked to enter a six-digit code that we send to your phone via SMS each time you sign in to twitter.com.”
That means we have to give up a little convenience (otherwise known as “adding friction”) in order to protect our accounts from being hacked. I’ll walk out on a limb and guess that this is why Google’s two-factor authentication for Gmail first allowed us to save a device for 30 days and now allows us to “save” a device in perpetuity (I think).
Some folks have been critical of the feature because of shared accounts. In other words, if there’s an organization account with several individuals tweeting, having only one mobile phone associated with the account would be problematic.
What’s the cardinal rule about shared logins?
Will you enable this feature on your account? Do you have it on Gmail and Facebook? I have it on all three.