Twitter Adds SMS Messaging Password Resets

Twitter has updated its security options to allow users to reset passwords via text or email. The updates were unveiled last week.

In order to implement the SMS messaging option, users must associate a mobile phone number with their Twitter account here. Once the phone is activated, it’s possible to disable any unwanted SMS notifications. To reset a password via email, simply click the ‘forgot password’ link on the front page (the option is available on both desktop and mobile versions of the site, as well as the Android and iPhone apps).

Once the SMS messaging request has been sent, a code is sent to the associated mobile phone; the code must be entered on Twitter’s sign in page, followed by the new password.

The move comes after Twitter promised to ramp up security for their service following a spate of suspicious log in attempts. In addition to the new password reset options, Twitter has started analyzing log in attempts based on location and history, in much the same way banks flag up unusual ATM transactions. If they identify an apparently suspicious log in attempt, Twitter will request verification via email or text.

Additionally, the process will ask users a secret question about their account prior to granting access, followed by e-mail notifications if an anomaly has been spotted.
Twitter said recently that user security is a  priority concern, and by adding these new steps accounts will be safer than ever before.

The single biggest breach of Twitter’s security manifested as the recent Heartbleed Bug scandal, which compromised the personal data – including bank details - of millions of users. The micro-blogging site hopes the new measures will prevent similar security breaches in future. A statement on their blog said:

“We’re aware that many people reuse the same passwords across multiple sites. And when any of these sites are compromised, stolen passwords could be used to access your account on Twitter.” 

When it comes to tightening preventative procedures to limit third party hijackings, Twitter is somewhat late to the party. Google implemented a raft of similar security measures in 2010, giving users the ability to track log in history and other information so they could keep tabs on their accounts.