The @AP Twitter hack today, claiming that there had been two explosions in the White House, is another embarrassing security issue for Twitter.
In the past few weeks, we've seen Fifa chief Sepp Blatter, CBS's 60 minutes and others, the new President of Venezuela, NPR, Birmingham's Assistant Chief Constable, North Korea, the Dominican Republic's National Police, Burger King, the BBC and the AFP's Twitter accounts all being hacked. And many more.
This comes after the Boston Marathon bombings, where all of Twitter was full of rumours and downright incorrect information being irresponsibly circulated and retweeted. It's one reason why we made tweetresponsibly.net, a simple one-page website which hopes to educate, a little, how to use these new tools.
Twitter now has a serious credibility problem. The amount of hacking on Twitter is now seriously damaging trust in the brand. If there is any niggling doubt in peoples' minds about whether a news organisation's tweet is actually correct, Twitter's service is irreparably damaged.
Twitter should urgently implement two-step verification. This means that even if you know my username and my password, this information is still entirely useless unless you also have my mobile phone. Google's implementation is surprisingly easy for a user - with trusted machines whitelisted, and the process adding less than fifteen seconds to log in. And, given it's entirely open, it can be used by other companies too, like Dropbox and LastPass, who also use the system.
Most importantly, it makes phishing emails, of the type apparently to blame for AP's hack, almost impossible to succeed.
How fast can Twitter move to plug the hacking hole in its service's trust? We'll find out soon enough.
In the meantime, if you have a Google account, enable two-step verification today. Your reputation will thank you later.
Why Twitter's hacking problem could kill it
Follow @jamescridland
Today's hack of the AP account shows Twitter desperately needs better security for the sake of its future
James Cridland is the Managing Director of Media UK, and a radio futurologist: a consultant, writer and public speaker who concentrates on the effect that new platforms and technology are having on the radio business.
E-mail James Cridland | Visit James Cridland's website
6 comments
Twitter posted on Tuesday 23rd April at 21:41
<a href="https://twitter.com/jamescridland">jamescridland</a> Two step clarification is important, but for brands a Facebook or Google+ style page admin sustem would be even more useful.</p>— Tony Moorey (tonymoorey) April 23, 2013
<a href="https://twitter.com/jamescridland">jamescridland</a> Bet a majority of brands hand their Twitter passwords out to interns, etc. Then keep same password for years.</p>— Tony Moorey (tonymoorey) April 23, 2013
Martin Phillp posted on Tuesday 23rd April at 21:45
I can change my password, yet I still have access using third party apps and even Twitter’s own app on Android without the requirement to re-authorise. A major flaw.
Peter Symonds posted on Sunday 28th April at 23:06
I don’t think it should be used as a main source of information. You should still send a link with the tweet to the main article on your website (websites I assume are harder to hack). One rule I go by is a tweet without sources (ie links to websites of a good reputation) should be read with caution.
Tony Smith posted on Wednesday 5th June at 14:48
Late to the comment party but hey :)
Simple resolution, use an encrypted 256bit both ways VPN service when generating and / or logging into ANY account on the Inter’web!
A $12 spend with Lastpass Premium, will ensure you and your private data is encrypted and not shared with anyone anywhere, other than you.
Use an alphanumeric combo with special characters at least 14 long.. using the Lastpass generator, which also encrypts your data BEFORE it goes up the into the web!
Add your comment in seconds
Use a social media account you already have to log in. More info
If you're not on social media, register for a Media UK account.
By logging in, you are consenting to a cookie that personally identifies you to us. Here's more about our cookies.
Get the Media UK Daily
Get new articles, news, jobs and discussions every day into your inbox. Subscribe, free, now
So does that mean the internet could also be killed? Oh hang on, people have been hacking the internet and spreading malware through the www for many, many years. And won’t you look – it’s still here!
All of this stuff that’s going on right now on the internet is merely stoking the fire that attracts people TO the platform, not away from it. I suspect you might be surprised to see how many more active users Twitter have added to the pile in the past couple of months.
Sure, commentators and harbingers of doom may surmise all this noise is a bellwether for the social network’s demise, but the masses would disagree. And they, after all, are who decide whether Twitter survives, or not.
Twitter’s strength is in it being a self-cleaning oven. And just a baby in the scheme of things, with the best yet to come.
All this hacking of accounts is merely a sideshow to the panoply of benefits we enjoy as Twitter users every day.