Twitter Gives Two-Factor Security a Second Shot

By Sean Michael Kerner  |  Posted 2013-08-07 Print this article Print

Unlike Google Authenticator, Twitter's new log-in verification, creates a dependency on the data capability of the smartphone, Qualys' Kandek said, adding that while Google Authenticator locally generates its password codes, Twitter receives information over the Web.

Google Authenticator is also an extensible platform that multiple other services use.

"I now have Google authenticator for my WordPress, Lastpass and my Linux machine at home beyond my normal Gmail accounts," Kandek said.

Twitter's log-in verification is a little easier to use, Ken Pickering, director of engineering at CORE Security, said. With Twitter, the log-in verification is within the application itself, whereas Google still requires users to switch back and forth between apps to see the second factor. The extra step with Google is potentially a hurdle in getting users to adopt two-factor authentication, Pickering told eWEEK.

Jamie Cowper, senior director at Nok Nok Labs, told eWeek that although the underlying technology is different in Twitter's new log-in verification, the end-user experience is similar to Google Authenticator.

"The problem remains that users are looking to use their mobile devices as the main platform, rather than an additional factor, so usability remains a challenge," Cowper said. "All of these solutions aren't designed for the mobile first experience."

Sean Michael Kerner is a senior editor at eWEEK and Follow him on Twitter @TechJournalist.


Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel