The new process will allow the user to choose between email address or mobile number associated with the account, to send the reset information. The user will then receive a six digit code that is valid for 15 minutes only and is required to enter this code on the web. The user will then be prompted to choose a new password.
“That way, whether you’ve recently changed your phone number, or are traveling with limited access to your devices, or had an old email address connected to your Twitter account, you’ve got options,” added Mollie.
Also, Twitter has taken additional steps to provide security to people who use same passwords across multiple sites. This makes them vulnerable to attacks in case any of these sites get compromised.
The new approach leads to a built-in system that analyzes login attempts on users account — by looking at things like location, device being used and login history — and identifies suspicious behavior. In acse any such activity is identified, acccount verification of the user will be done.
To contact the author, email at email@example.com