Twitter working to fix issue with 2FA feature

Cyber Security

An apparent glitch is preventing a number of users from signing into their accounts

A number of Twitter users from around the globe report experiencing problems when attempting to log into their accounts. The microblogging site is investigating what seems to be a glitch in its verification systems that is affecting some people who utilize text messages or automated phone calls as an added means of authentication.

Meanwhile, numerous complaints have been piling up in the Twitter Support thread, with many people claiming that the bug isn’t exactly new. Some users insist that they have been experiencing the issue for weeks, while others mentioned that the glitch has led to their accounts being suspended.

Users who rely on SMS messages or phone calls for two-factor authentication (2FA) can alternatively use a single-use back-up code that was generated by Twitter when they activated 2FA. The recovery code can also be useful when you lose your phone, obviously assuming you saved the code in a secure place in the first place.

Generally speaking, while SMS-based 2FA is better than not using the added factor at all, the social media giant offers two more – and safer – 2FA authentication methods: an authentication app and a physical security key.

Twitter introduced 2FA back in 2013 but it wasn’t until last November that it stopped requiring users to supply their phone numbers when activating 2FA – even when they wanted to use either of the two safer methods.

Among other things, SMS-based 2FA falls short of protecting people against SIM swapping attacks, which is also how the account of the platform’s CEO Jack Dorsey was hijacked last year.

Speaking of account takeovers, Twitter was thrust into the spotlight last month after experiencing one of the biggest data breaches in its history.

Products You May Like

Articles You May Like

Zenscrape: A Simple Web Scraping Solution for Penetration Testers
US Court Documents Published in Ransomware Attack
Are You Ransomware Aware?
New Jersey Keylogger Hacker Jailed
A Successful Self-Service Password Reset (SSPR) Project Requires User Adoption

Leave a Reply

Your email address will not be published. Required fields are marked *