Getting access to the phone number doesn't even prompt for a SMS OTP challenge if enabled, it just accepts any messages sent to 40404 and tweets them.
-
-
-
JFC I forgot about that. That said, the biggest security problem here is DMs. Public postings are public, and shitty tweets one didn't make can be explained. But DM exposure has been a significant threat to dissidents. (That's why I go so hard on security keys everywhere alas).
- Show replies
New conversation -
-
-
Zeynep, you just got past me by a light year and I used to think I had a handle on this stuff. Quite possibly the only possible security measure for simple folks is to return to hardwired / no network / cheques.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Curious: is it best to remove phone number from one’s Twitter account even if not using SMS as one of the 2FA methods?
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
The compromise here was caused by Tweet-via-SMS feature, not the 2FA
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.