The ongoing rollercoaster that is Twitter’s communications has consistently gained headlines since Mr Musk took over. However, this month Twitter managed to outdo itself. In fairness, what it said was correct, but as we know many people don’t tend to read notifications correctly.
The background is the use of 2FA, or two factor authentication. This is super important stuff, because it adds a significant additional layer of authentication protection. Let’s take a good example of how this works, and how it relates to Twitter.
It’s usual to set up an account on a service using an email address and a password. Companies are getting somewhat better at enforcing strong and complex passwords, and this helps if a bad actor is trying to break into your account by guessing likely passwords. Dictionary attacks are as effective as passwords such as “12345678” are useless.
You also need to be careful about the setting mechanism. For example, if you create a new Gmail account, and use this as the login address for this new service, an email is probably sent to that email box confirming the creation of the account. In the past, badly designed services might have also sent a copy of the password to your Gmail account as a helpful reminder. Which is fine until someone breaks into your Gmail account, and then has access to the username and password that you set up on this new