Twitter has finally joined the growing league of companies and services that offer two-factor authentication to secure accounts of users from being stolen or misused. Account hijack is serious matter and no company is immune, especially high profile ones such as Twitter.
To get started with two-factor authentication, go to Twitter’s account settings page, scroll down to the section “Accounts security” and check the box that says “Require a verification code when I sign in.”
Add and verify your phone number. After that, an SMS message containing an authentication code will be sent to a nominated phone which will be used to complete the login procedure.
The blog post says: “With login verification enabled, your existing applications will continue to work without disruption. If you need to sign in to your Twitter account on other devices or apps, visit your applications page to generate a temporary password to log in and authorize that application.”
But unlike other authentication systems, such as that of Google and Microsoft, the code has to be generated and entered every time users sign into Twitter through its website. There is no way to “authenticate” a computer for future code-free logins. Also, there is no authenticator app that you can run locally on your phone. This means, that in areas where signal reception is poor or there is a network outage, you’ll not be able to login to Twitter.
Twitter played a big role in Egypt and Libya during the 2011 revolution, where protesters used the social media site to organize action plans when other means of communication was either shut down or censored. Twitter is also usually the first to break news of disasters and violence when phone communications break down. Without an alternative way to receive or generate authentication code that doesn’t rely on a network service provider, fast dissemination of news for which Twitter is famous, could no longer happen.