I will probably draw some criticism for this post, but here it goes. I have a love/hate relationship with Twitter. It is a great tool for keeping up with breaking news and communicating quickly with people. But Twitter has a problem, actually two problems, and I know I am not alone in this thought process.
First, not a month goes by where you don't hear of a Twitter account being hacked or taken over. I think Twitter could either significantly reduce this issue or solve it entirely if they would implement better security for their users. Twitter currently offers Two-Factor Authentication (2FA) for users, but their implementation of 2FA is so far off from a standard implementation that they have done more harm than good by implementing it. The root of the issue is that Twitter only allows a single account to be tied to a single phone number. For users who may have multiple accounts, this presents a serious issue. Twitter could fix this issue simply by implementing one of the many tested and proven 2FA implementations already on the market, such as Google Authenticator. In fact, they could even offer multiple 2FA solutions so users have a choice. Instead they are leaving users to choose between protecting accounts or not.
The second issue is that Twitter has an enormous fake account problem. I believe this problem is a direct result of limiting people to only following 2000 people until they reach a certain ratio of followers. This creates a race to cross the 2000 mark and has spawned fake Twitter accounts to both exceed that limit and continue to fulfill the ratio down the road. I understand that Twitter implemented this limit to prevent spammers. However, I think the better solution would be to not only utilize this limit, but add in additional tests that, if met, would raise or lower the 2000 number accordingly. For example, three signals can be combined to determine if a user is real or fake: first, most spam accounts follow tons of people while having few followers; second, the number of tweets they have is usually limited or obviously spammy; and third, the length of time the account has existed.
Anyway, that is my quick gripe for the evening. Most importantly I, like others, would like to see Twitter get to work on a better 2FA implementation.
By Jeff Mould