Phil's Personal Finance Tip of the Day:
Why Twitter users won’t ‘follow’ new security rule
By Quentin Fottrell/MarketWatch
Following several recent high-profile Twitter account hacks, including of the
Associated Press, Financial Times and satirical site The Onion, Twitter last
week rolled out an optional two-factor login to give its users added security.
But some experts say most social networkers are unlikely to bother using it.
Last month, hackers posted a tweet from the AP’s account — “Breaking: Two
Explosions in the White House and Barack Obama is injured” — sending the Dow
plunging 145 points. “Twitter was designed as a consumer toy to tell friends
what you had for lunch,” says Johannes B. Ullrich, chief research officer for
the Sans Institute, a nonprofit security research group, “not to spread news
that affects stock markets.” (Twitter did not respond to requests for comment.)
The new verification system puts the security of Twitter accounts more in
line with the power a tweet can wield. By registering a mobile phone number,
account holders can receive a six-digit code via text message every time they
log into their account. “We occasionally hear from people whose accounts have
been compromised by email phishing schemes or a breach of password data
elsewhere on the web,” Jim O’Leary, one of the site’s security team, wrote in a
blog
post. Twitter’s new system would help prevent that from happening, O’Leary
wrote.
Trouble is, many consumers consider it too much of a hassle to wait for a
text message to log in to their Twitter, Facebook or Google account, experts
say. (Facebook and Google already have the mobile-phone log-in option and
evidence suggests that few use it. If social networks made it mandatory for
consumers to hand over mobile phone numbers for extra authentication, “consumers
would rebel and drop them like a hot potato,” says Adrien de Beaupre, a senior
information security consultant with Intru-Shun.ca, an independent IT security
consulting firm in Canada. “They tend to dislike or even circumvent features
intended to protect them.” To be fair, this doesn’t only apply to social
networks: Only eight out of the country’s 25 largest financial institutions
require a separate authentication log-in by mobile phone, according to a recent
survey by Javelin Strategy & Research, a consultant for the financial
services industry.
To read the entire article from Quentin Fottrell/ MarketWatch:
http://www.marketwatch.com/story/why-twitter-users-wont-follow-new-security-rule-2013-05-29
you are invited to follow my blog
ReplyDelete