Twitter's Response To The Burger King Hacking: Do A Better Job At Protecting Your Password
Twitter In response to the hacking of Burger King and Jeep's Twitter accounts this week, Twitter put up a new blog post encouraging people to protect their passwords.
Here are Twitter's tips:
- Use a strong password. Your password should be at least 10 characters that include upper and lower case characters, numbers, and symbols. You should always use a unique password for each website you use; that way, if one account gets compromised, the rest are safe.
- Watch out for suspicious links, and always make sure you’re on Twitter.com before you enter your login information. Be cautious when clicking on links in Direct Messages. Whenever you are prompted to enter your Twitter password, just take a quick look at the URL and make sure you're actually on Twitter.com. Phishing websites will often look just like Twitter's login page, but will actually be for destinations other than Twitter. If ever in doubt, just go directly to twitter.com in your browser.
- Don't give your username and password out to unknown third parties, especially those promising to get you followers or make you money. When you give your username and password to someone else, they get complete control of your account and can lock you out of your account or take actions that cause your account to be suspended. Be wary of any application that promises to make you money or get you followers. If it sounds too good to be true, it probably is!
- Make sure your computer and operating system is up to date with the most recent patches, upgrades, and anti-virus software. Keep your browser and operating system updated with the most current versions and patches; patches are often released to address particular security threats.
Notably missing is what Twitter plans to do on its end to protect accounts, especially big brand accounts that pay Twitter boatloads of money for promoted tweet campaigns.
One answer that has been floating around is for Twitter to let you enable a two-step verification system when logging in. That means Twitter would send you a text message with a special code whenever someone tries to log in with your account. You'd have to input that code in addition to your regular password in order to successfully log in.
Theoretically, unless a hacker also has access to your phone, he or she won't be able to access your Twitter account. Popular services like Gmail and Dropbox already allow two-step verification.
It's not the perfect solution, but it's definitely safer than a simple password.