This article was published on May 8, 2014

Twitter beefs up security with streamlined password reset process and better blocking of suspicious logins


Twitter beefs up security with streamlined password reset process and better blocking of suspicious logins

Twitter today rolled out two improvements to account security, in terms of protection as well as restoring access. The first is a streamlined password reset experience, while the second is better identification and blocking of suspicious logins.

Twitter says it has redesigned the password reset process to make it easier to get back into your account. The new system lets you choose the email address or phone number associated with your account where you want Twitter to send your reset information.

Users often run into issues while trying to reset their password when they change their phone number, have an old email address associated to their account, or are traveling with limited access to their usual devices. Twitter has also made it easier to reset a lost password on your Android or iOS device.

passwordscreencap_0

wid
The second improvement is all about protecting your account from suspicious login attempts. Twitter says it has built a system that analyzes login attempts on your account by looking at information like location, device being used, and login history.

If the system identifies a login attempt as suspicious, Twitter will ask you a simple question about your account. The company says the answer will only be one you know, which will allow it to verify that your account is secure before granting access. Twitter will also send you an email to let you know that it has detected unusual activity, and you’ll be able to change your password if you deem so necessary.

Twitter wouldn’t share what a list of these questions, but it did offer an example (notice the hint that helps you in case you’ve gone through a few phone numbers recently):

ACID_screencap

These are both necessary changes that Twitter should have had in place ages ago. The company also offers best practices for password security that you should read if you’ve had your account hijacked at one point or another.

See also – Twitter unveils login verification, a form of two-factor authentication to better protect accounts via SMS and How I lost my $50,000 Twitter username

Top Image Credit: Andrew Burton/Getty Images

Get the TNW newsletter

Get the most important tech news in your inbox each week.

Also tagged with