Twitter does the two-step, gets serious on security with new authentication feature

After a series of high profile hacks, Twitter is finally getting serious about log-in security with a new feature that will require users to enter an extra pin code when using non-familiar devices.

The feature, known as “two-factor” authentication, is already used by companies like Google and Apple and works by sending a pin code via text message to a user’s cell phone. Twitter has details and a tutorial video here.

The decision to add an extra security feature comes after hackers have repeatedly gained control of high profile Twitter feeds. The most prominent example occurred last month when hackers used the Associated Press’s account to say bombs had injured President Obama. The fake tweet roiled financial markets and led to calls for Twitter to improve its security features.

Attackers have also targeted CBS, the BBC and the Onion. The latter offered a candid account of how the hackers phished employees accounts and induced some of them, including a person with control over social media passwords to share log-in information.

Two factor authentication would likely have prevented those attacks because the attackers would have had to enter a password sent to the employee’s cell phone.