Twitter have announced the launch of a two-factor authentication service to try to reduce the number of accounts being hacked. It’s a good step for consumers, but in my view it fails to address the fundamental issue faced by companies that use Twitter for corporate accounts: if there is only one account, there’s only one password, and that gets shared across multiple users.

Actually, adding two-factor adds a further challenge. The way it will work is that you will need to enter a PIN, sent to your mobile via SMS, before a login from a new machine can be verified. So a team using the same Twitter account will now need to share a mobile phone as well as a password.

Multiple-user Twitter accounts need to be accessible by different people who each authenticate as themselves, not through a shared identity. It’s only at that point that organisational Twitter accounts will become properly secure.
