Twitter Changes Two Factor Authentication

Two months after Twitter joined the two-factor authentication club, a change has been made to secure the social network even further.

The additional security service is an optional extra in the site's settings and offers users enhanced security to protect their accounts from hackers.

The one-time password service, which delivers a unique code via SMS to authenticate the user's identity, will now be available through the Twitter app on Android and iOS. Authentication will now simply require the tap of a button to authorise, an easier solution than the previous text message code, which then had to be entered in order to gain access.

The new method, although simple, is an even more secure form of two-factor authentication. The trouble with sending these codes via SMS is that it relies on the delivery channel also being secure, which cannot always be guaranteed.

The new inter-app method is based on public key cryptography: a public key is stored by Twitter, and a linked private key is stored only on the end user's phone and is never released into the potentially public eye. This way, the only way to access the app is to acquire both keys, which would require access to both Twitter's data and the end device.
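The following is an added example, not Twitter's code or part of the original article: the server stores only a public key and sends a random challenge, and the phone approves the login by signing it. The Ed25519 algorithm, the 32-byte challenge and the names `Server`, `Phone`, `Enroll`, `NewChallenge`, `Approve` and `Verify` are assumptions, since the article does not describe the actual protocol.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Server stores only the public key; Phone holds the private key, which never leaves it.
type Server struct {
	pub     ed25519.PublicKey
	pending map[string]bool // challenges issued and not yet answered
}
type Phone struct{ priv ed25519.PrivateKey }

// Enroll creates the key pair and registers the public half (Ed25519 is an assumption).
func Enroll() (*Server, *Phone, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	return &Server{pub: pub, pending: map[string]bool{}}, &Phone{priv: priv}, nil
}

// NewChallenge issues a fresh random nonce for one login attempt.
func (s *Server) NewChallenge() ([]byte, error) {
	c := make([]byte, 32)
	if _, err := rand.Read(c); err != nil {
		return nil, err
	}
	s.pending[string(c)] = true
	return c, nil
}

// Approve is the "tap of a button": the phone signs the challenge.
func (p *Phone) Approve(challenge []byte) []byte { return ed25519.Sign(p.priv, challenge) }

// Verify accepts each challenge once, so a captured approval cannot be replayed.
func (s *Server) Verify(challenge, sig []byte) bool {
	known := s.pending[string(challenge)]
	delete(s.pending, string(challenge))
	return known && ed25519.Verify(s.pub, challenge, sig)
}

func main() {
	srv, phone, _ := Enroll()
	c, _ := srv.NewChallenge()
	fmt.Println("approved:", srv.Verify(c, phone.Approve(c)))
}
```

Because the server holds only `pub`, a copy of its stored data is not enough to produce a valid approval; the signature has to come from the enrolled device.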

A backup code is provided when the service is initially set up. This can be used if the device is lost or stolen.

App-based two-factor authentication is available on versions Android 4.1.4 and iOS 5.9.


