Twitter is well known to be fairly insecure. I was hacked a couple of years ago and even now I still get direct messages from people that they clearly haven’t sent me themselves. In fact, Age posted the other day about his recent Twitter hacking experience. Twitter was under pressure for a long while to introduce two-factor authentication but it took them forever – however, once they did, I enabled it pretty quickly.
For those who have yet to experience it, every time you try to log in you get a text message or have to approve the request via the app. I chose the app authentication as, although I could post to Twitter by SMS, I never received my authentication codes. All went well until, without thinking properly (or backing up the app…), I wiped my phone and installed a new ROM. Sadly, when installing a new OS on my PC I never follow the advice of creating a backup disc, and I treated the advice from Twitter with the same disrespect and didn’t save any backup codes. They would have granted me access to my account through the app as before and all would have been well with the world.
As it is, I lost all access to my account. Twitter were pretty good though and within a couple of days, I had followed their instructions. Luckily, as I was able to post via SMS, I could prove I was the account holder and they temporarily removed the two-factor authentication and I was able to log in – a word of warning though – had I not had the option to post by text then there was no guarantee that they could have got me back in. Their support pages state that if you cannot prove account ownership then they will not help you regain access and you are left with only the option of setting up a new account. Whilst that would not have been the end of the world for me, it could be problematic for some, so make sure that you do as you are told and generate a backup code.