The Heartbleed thing is a good reminder that if a service offers 2-step authentication, you should take advantage of it.
@KentInPublic @bhsharp Well sure, but once they renew their certs, you don't need two-factor to avoid the exploit either!
-
-
@cmuratori@bhsharp But pre-patch, they could get your user/pass and 2-factor would prevent them logging in. -
@KentInPublic@bhsharp Only if _you_ don't log in. Make sense? If _you_ ever log in, then they can MITM you. - Show replies
New conversation -
-
-
@cmuratori@bhsharp Like, if someone got my pre-patch Facebook pass, they couldn’t actually use it w/o the code on the phone in my pocket.Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
@cmuratori@bhsharp So, post-patch, I change my password and am safe because 2-step prevented abuse during the vulnerable period.Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.