Why it’s time for Twitter to add two-factor authentication

As it becomes clear that an errant tweet can move stock prices, perhaps it’s time for Twitter to improve security measures and add two-factor authentication for accounts.

The Associated Press’s Twitter account was hacked this morning, sending out updates saying that explosions hit hit the White House and President Barack Obama had been injured. The AP’s account was immediately suspended and the tweets removed, but not before the Dow dropped about 200 points. It has since recovered, but that type of velocity makes it possible for someone to have made a lot of money.

Twitter has had security issues before, most recently when it notified users that a number of passwords had been compromised in February, but now with new SEC rules allowing analysts and traders to check tweets for market-moving information, it’s more important than ever for the company to give influential users as many security tools as possible.

Apple just added two-factor authentication to Apple IDs in March, Microsoft rolled it out last week, and Google has had it for much longer. Two-factor authentication is just one way that users can protect passwords, preventing an individual from hacking an account by requiring them to also have in their possession a second form of identification. For instance, Gmail users can set up their smartphones to work with two-factor authentication, requiring a PIN sent to their phone when they try to log in online.

It’s quickly becoming common practice among large web companies, and as the stakes increase for Twitter, it’s time for the company to consider adding the feature. Ars Technica reported in February that Twitter had posted jobs listings seeking engineers with experience in security, including “multifactor authentication and fraudulent login detection.”

Twitter has not yet responded to our request for comment on its current plans.