Twitter lets users reset passwords with text message

Twitter's new redesigned password reset process focusses on streamlining password reset experience and better identification and blocking of suspicious logins.

Published Date
12 - May - 2014
| Last Updated
12 - May - 2014
Twitter lets users reset passwords with text message

Twitter last week introduced a redesigned password reset process in an attempt to make the social networking website more secure and more convenient for users.

The new process allows users to select the e-mail address or phone number registered with your account to receive the reset information. “That way, whether you’ve recently changed your phone number, or are traveling with limited access to your devices, or had an old email address connected to your Twitter account, you’ve got options,” points out Twitter in a blog post.

Twitter has rolled out a new password reset process for Android and iOS users. Twitter explains that it has developed a system that analyses log in attempts on users' account by considering factors such as location, device and log in history and identifies suspicious behaviour.

“If we identify a login attempt as suspicious, we’ll ask you a simple question about your account — something that only you know — to verify that your account is secure before granting access. We’ll also send you an email to let you know that we’ve detected unusual activity so you can update your password if need be,” adds Twitter.

With online security and privacy becoming a prime concern, Twitter's new security feature is certainly a welcome move. Twitter has been long targeted by cyber criminals, though it has made various efforts to improve security features on the social network.

Back in November 2013, Twitter added a new layer of protection, which it calls 'forward secrecy', to its traditional HTTPS encryption. “On top of the usual confidentiality and integrity properties of HTTPS, forward secrecy adds a new property. If an adversary is currently recording all Twitter users’ encrypted traffic, and they later crack or steal Twitter’s private keys, they should not be able to use those keys to decrypt the recorded traffic,” explains Twitter.