The Last HITB Security Conference in Malaysia

Hands-on Technical Trainings - 13th & 14th October

Triple-Track Conference - 15th & 16th October


Capture the Flag - 15th & 16th October

HackWEEKDAY - 15th & 16th October

CommSec Village - 15th & 16th October


Two-factor authentication won't protect Twitter, Google: OneID

Although Twitter is looking for an engineer to implement two-factor authentication for its users, it still won't prevent a repeat of the recent attack that saw 250,000 users exposed, according to OneID founder Steve Kirsch.

Two-factor authentication provides an additional effective step to thwart would-be attackers from taking over users' accounts, but it is currently not an option for Twitter users. On the back of recent attacks on the site, many have been calling for Twitter to implement it, but, according to Kirsch, even if Twitter does roll out the security measure, it won't prevent the attack from occurring.

While not dismissing two-factor authentication systems' effectiveness at preventing existing phishing attacks from being successful, Kirsch said that the number of people signing up for it in existing services is abysmal, and doesn't do much for improving overall security.