On Tuesday, Associated Press became the latest national media outlet to have its Twitter account compromised by hackers, leading security experts to question why the short-messaging service has yet to implement two-factor authentication like that offered by Google, Facebook, Microsoft, and Apple.
According to Wired, such a security feature is in the works. Twitter indeed "has a working two-step security solution undergoing internal testing before incrementally rolling it out to users, something it hopes to begin doing shortly," the tech publication reports.
Two-step (or two-factor) authentication means that logging into an account requires two proofs of identity — typically a password and a temporary code sent to a cellphone or generated by an app. This way, a compromised password alone isn't enough to lose control of an account.
"In my opinion, this is overdue for Twitter, especially for verified accounts," Chester Wisniewski of the Internet security firm Sophos told NBC News. "If you're so darn important that Twitter is going to verify you, they have some responsibility to make sure that it's you when you tweet."
Sean Sullivan, a security advisor at F-Secure Corporation, pointed out to NBC News —via Twitter, ironically— that simply adding two-step authentication may not be enough to prevent security woes.While two-step authentication may better protect individuals, when it comes to Twitter accounts managed by groups, further safety measures need to exist, he says, explaining that"Twitter accounts that are used by many à la Facebook Pages, should have the same Admin/Editor/Writer roles as options." And "the Admin should be able to see which Tweeter Tweeted what," he adds.
Hackers used the Associated Press Twitter account to falsely report two explosions at the White House and injury to the president, which caused a short-lived 140-point dip in the Dow Industrial Average. CBS, NPR and BBC are among other news outlets whose Twitter accounts have been compromised and misused by hackers.
When reached for comment about two-step authentication, a Twitter spokesperson told NBC News that the social network has "nothing to announce at this time."
Want more tech news or interesting links? You'll get plenty of both if you keep up with Rosa Golijan, the writer of this post, by following her on Twitter, subscribing to her Facebook posts, or circling her on Google+.