Site icon IT World Canada

Two-factor authentication sought for Twitter

It’s time for Twitter to catch up with other social networking and Web-based companies an beging offering its users better protection, according to one security expert.

For example, the microblogging site could employ two-factor authentication to protect the increasing number of consumers, businesses and prominent individuals using the microblogging site, said Graham Cluley, senior technology consultant for Sophos Ltd.

Wisniewski’s suggestion came shortly after hackers broke into the Twitter Account of Saudi Aramco, the national oil company of Saudi Arabia and replaced the company’s logo with a picture of actor Heath Ledger made-up as The Joker for the Batman movie The Dark Knight.
Image from Naked Security
The incident came at the heels of a security breach this last week suffered by cloud-based note taking service Evernote which resulted in the exposure of some 50 million user passwords.

RELATED CONTENT

Perfect authentication remains elusive
50 million Evernote passwords hacked
Reporter’s hacking ordeal is a security lesson

The hackers also tweeted a series of messages to the oil company’s 46,000 followers.

“Once again, a corporate brand is left wishing that Twitter offered some additional levels of protections – such as two-factor authentication,” said Cluley in a post on the Sophos blogsite Naked Security. “It seems that Saudi Aramco’s Twitter account has been compromised because of poor password security by whoever runs their social media operations.

The social networking company, which enabled people to send and read text-based messages of up to 140 characters, lags behind others Web-based firms such as Google, Facebook, Yahoo, Microsoft and PayPal which employ added security to protect their user’s personal information.

Two-factor authentication is the method of using two independent means of asserting the identity of a user requesting access to some application or service. The “factors” could be any combination of such items as: personal identification number (PIN), password, security token, fingerprint, identification card, retina scan, voice ID.

Multi-factor authentication, uses two or more factors to assert a user’s identity.

This is not the first time that Saudi Aramco’s was hit by a cyber attack. Last August, the oil company said it was hit by a malware attack that affected more than 30,000 of its computers. 

It is hardly the first conglomerate either whose Twitter account was compromised, Cluley pointed out.

For example, off-road vehicle maker Jeep and fast food chain Burger King just last month had their Twitter accounts hijacked by mischievous hackers.

In 2010, oil company BP America’s Twitter account was taken over by hackers which posted tweets that made pun of the PB oil spill of the coast of Mexico in 2010.

Exit mobile version