Written by Steve Perry
Published on

Twitter's Two-Factor Authentication vulnerability

After recent reports of failures in Twitter's SMS Two-Factor Authentication functionality, a researcher discovered that texting "STOP" to Twitter's verification service disables the authentication functionality altogether.

The vulnerability, verified by Information Security Media Group, means that a malicious user could spoof an account's registered phone number to disable two-factor authentication, which may then open up the account to further attacks and possibly a take-over.

Source: Schneier on Security.

Steve Perry Creative Ltd

Studio and registered office: 4 Back Lane, Brown Edge, Staffordshire ST6 8QS.

Copyright © 2012 – 2023 Steve Perry Creative Ltd., unless otherwise noted.

Registered in England & Wales, number 08354632.


Typeset in Söhne Kräftig and Söhne Buch, by Klim Type Co.

Set as 32/64, 24/32, 20/32, and 12/16 on an 8px/96px grid.

Colour palette selected for AAA contrast.