Twitter tightens security in fightback against hackers

Have your say

Social media site Twitter has announced an update to its security features aimed at making user accounts more secure.

Detailed in a post to the social network’s official blog, the company explained how the way passwords are retrieved and reset has been changed to make it more secure for users to regain access to their account if they forget a password.

Mollie Vandor, product manager at Twitter, said: “We know some of you occasionally have difficulty accessing your Twitter account, and whatever the circumstances may be, we want you to be able to get back into it quickly and securely.

“So today we’re starting to roll out two improvements that will help protect your account and restore access: one, a streamlined password reset experience; and two, better identification and blocking of suspicious logins.”

The new reset now gives users the option of whether they would like the reset information sent to an email address or a telephone number linked to their account, depending on what they have access to at the time.

The new identification process will see Twitter begin to analyse different aspects of a login to your account, including location, the device used and login history, in order to spot any suspicious behaviour. Should the site become suspicious of a login it will prompt users to enter further information before granting access to the account.

A hacked Twitter account has been a common issue on the site for some time, with organisations like the Syrian Electronic Army doing so to raise the profile of the ongoing conflict in the country. Its targets in the past have included the official accounts of BBC News and The Washington Post. Twitter believes this tweak will help to prevent such incidents in the future.

David Emm, from the global research and analysis team at digital security firm Kaspersky Lab, said: “I think this adds a level of flexibility that will help anyone who forgets their password.

“And since you have to choose one of the email addresses or phone numbers that are already associated with the account, it doesn’t add this flexibility at the expense of security.

“I also think that monitoring for suspicious login attempts is a positive thing too.

“It may seem a bit invasive 
at first glance, but it’s similar to what the banks do for credit 
and debit card use, and it 
offers an additional safeguard against someone hacking your account.”