After Google and Facebook, Twitter joins the hue of two factor authentication for secured logins. With the increasing number of unauthorized logins and hack attempts on Twitter accounts these days, it was about time Twitter introduced a safe way to login to a Twitter account which requires an extra level of security code and is not entirely dependant of password.
Here is how Twitter’s two factor authentication works (much like Google’s and Facebook’s secure login methods).
You add a phone number to your Twitter account and then turn on login verifiation for your Twitter account from settings. When you have turned on this account security feature for your Twitter account, you’re all set.
The next time you want to login to your Twitter account, you will have to first enter your password. Next, Twitter will send a 6 digit verification code to your mobile phone and you will be prompted to enter the verification code, before allowing you (or anyone else) access to your Twitter account.
This added layer of security can be extremely useful, specially when you are using Twitter from public Wi-Fi networks and have doubts of password sniffing. Again, if you are using Twitter form a shared computer and wonder if someone has installed a keylogger script to trace your passwords, this is a good way to get pass those methods.
The folks at Twitter have a support page on how to keep your account secure and avoid getting hacked from hackers. I would like to add some more to it
- Never use the same password for all your social profiles e.g Facebook, Google Plus, Twitter and other social networking sites which you use regularly. The reaosn is simple, if someone manages to know your password, it won’t take him much time to crack all your networks. I never use the same password for a new website, I always use an auto-generated password from my password manager application, use it and forget it.
- Never remember passwords. Use a password which is impossible to remember in the first place. This ensures that you can’t type your password and hence removes the risk of getting it traced by keyloggers and malicious applications.
- Avoid environments and machines which you don’t own. For example, I don’t login to any of my accounts when I am surfing the web in an airport. I don’t have to, I would rather wait, go home and then check my email in my home Wi-Fi connection.
- Change passwords regularly, ideally every 3-4 months.
- Always check the URL of the website before typing in your username or password. Fake login pages are very common these days and it takes a minute to loose all the control, if you are not careful.
P.S: Twitter’s login verification does not work in India yet, I was not able to add my phone to my Twitter account (it said carrier not supported). I hope this works out well for other users across the globe, do drop in comments if you find this feature useful.
Twitter Login verification (Twitter blog)