Twitter envied the U2F protocol and introduced integration with security keys

Most Twitter users protect their accounts in the traditional way, that is, by logging in via username and password. As with any other online account, such security features are exposed to phishing attempts.

One of the best known burglaries on Twitter account was in 2013, when the Syrian Electronic Army managed to take control of the Twitter Associated Press account and published a message that the explosion had broken out in the White House, and Barack Obama was injured. Also the FC Barcelona, ​​CNN, Burger King, Google general manager, Sundar Picha, wikipedian Jimmy Wales and Mark Zuckerberg came to louder burglaries.

If you are sensible then we believe that you need to use a physical USB security key that supports universal U2F two-factor standard (Universal 2nd Factor) when logging in, that is really ingeniously secures against taking over the account. Of course, you still need to enter your login and password to log in. To further protect your account you need to use a USB security key, which we wrote some time ago in this and this article. All materials with Yubikey keys can be found here .

Login to Twitter using the Yubikey key
Podpinamy do portu USB urządzenie i dotykamy miejsce z wyrytym czytnikiem linii papilarnych, które aktywuje klucz.

U2F (Universal 2nd Factor) protocol

Instead of installing additional applications on your phone or rewriting one-time codes supporting two-factor authentication, you only need to touch a physical key that is smaller than a box of matches. This will recognize the touch and provide the cryptographic information needed to log into the browser, and this one to the Twitter server.

Yubikey supports the U2F protocol

Bitdefender engineers point out that physical keys will make it much harder to hack users' accounts. We say that it will be impossible without physical access to the device. If you lose the USB key, you can still log in using a different method, eg a one-time USB code or a permanent backup code.

More information on activating the key on your account is provided by Twitter . For simplicity, let's add that these settings can be found in the Settings -> Account -> Security and verification of login tab.

Physical cryptographic keys can be used to log in to many other U2F support services, including Windows, MacOS and Linux operating systems.

Tags


Add new comment

The content of this field is kept private and will not be shown publicly.

Learn more about our offer

If you sell security solutions, are a distributor, authorized partner or developer and would like to share your portfolio with a group of potential customers, advertise an event, software, hardware or other services on AVLab - simply write to us. Or maybe you had to deal with ransomware? We can also help you decrypt your files.
Read more

We use Google Cloud Translation and Gengo API’s to translate articles with exception of our comparative tests.