Writecombination Social Media
by Andrew Knowles

Twitter enhance their secure login process

Back in May 2013, Twitter introduced a new tool in the battle against hackers - an optional two-step login process.

When activated, this meant that when you logged into Twitter you were asked to input a code, which was sent to your mobile phone via text message.

This option could be turned on or off in ‘Settings’, where it appeared on the ‘Account’ tab, under ‘Login verification’.

While it was a useful solution for the security conscious Twitter user, this two-step authentication process had its flaws. Most obviously, that if you were without your mobile phone, you could not get into Twitter. Another problem, for those of us who operate multiple Twitter accounts, is that a phone number could only be associated with one account.

Security note: Many experts consider the text-based two-step authentication process to be a weak system, with hackers finding ways to put software on phones that can read the incoming codes.

Enhancements to Twitter’s two-step authentication

The good news is that Twitter has introduced some improvements to their two-step login process, one of which solves the problem of what happens if you can’t get access to your mobile phone. 

This is achieved with a backup code that’s created in your Twitter mobile app. You write down this code (pen and paper time) and store it in a safe place. Then, when you need to log in to Twitter using the two-step process and you can’t access your phone to receive the login code, you can pull out the backup code instead, and use that.

Of course, if you can’t find either the login code or the backup code, you’re still stuck.

Another change to the two-step process is that if you activate it from your mobile app, you won’t receive a code via text message. Instead, Twitter sends a login request message to the app, and to complete the login you must approve the request by clicking on a ‘tick’ or ‘check’ mark. 

This login request also tells you where in the world it originated. So if you get a request that you didn’t ask for, and it’s from a location on the other side of the world, there’s a very strong likelihood that someone is trying to hack into your account.

Unfortunately, finding the login requests means navigating to the security settings in your mobile app - unlike a text message, which is presented at the moment of accessing your mobile phone. Another potential drawback is that if you can’t receive mobile internet for any reason, you won’t be able to access the login request from the app.

The new app-based two-step login also allows one phone to authenticate the login process for multiple Twitter accounts.

With this latest update, Twitter’s two-step authentication process has taken a useful step forward.




Write a comment

If you have trouble reading the code, click on the code itself to generate a new random code.

Contact us

For a no-obligation chat about copywriting and social media services, call us on 07970 108191 or email hello@writecombination.com