Twitter, the increasingly popular microblogging service, has come under quite a bit of criticism in the past few weeks. Users of the platform, which describes itself as an "information-sharing network" are struggling with what to do about false information being spread around.
It may not sound like a big deal for individual users to let a white lie slip about some status update. But during the past few weeks there have been some more concerning examples of misinformation spreading across the social forum.
For example, Twitter users (as well as those on other popular sites such as Reddit.com) were quick to identify certain individuals as possible culprits of the Boston Marathon bombings days after the attacks, including a Brown University student who had been missing and was later found dead with no connection to the Boston incident. Rumors about whether suspects had been captured or arrested streamed through Twitter users timelines as breaking news unfolded after the attacks, some of it true and some not.
After the commotion of the marathon incident seemed to have settled down a week later, another black eye for Twitter popped up when the Associated Press's Twitter account was hacked, and perpetrators sent out fabricated updates from the venerable news agency's Twitter feed reporting that the White House had been attacked and President Obama injured.
With such misinformation spewing out from the firehose that is Twitter, it begs the question: Is Twitter broken?
Twitter tries to regroup
Twitter may have answered that question somewhat. The company is reportedly looking into adding a two-factor authentication system to the free service, which security experts say would make it harder for hackers to gain access to Twitter accounts, and could have possibly prevented the AP's incident.
It's a great idea to implement two-factor authentication, says Scott Behrens, an application security expert at security consultancy Neohapsis Labs. The administrative and technical challenges of rolling out a two-factor system will likely be some hurdles to implementing a system, he says, because Twitter integrates with so many other services, apps and web sites.
Despite some developers of third-party Twitter apps being upset by recent changes to clamp down on Twitter APIs, Behrens says those changes could actually make it easier to ensure third-party apps are playing by Twitters rules, including the potential rollout of a two-factor system.
Two-factor authentication seems like a natural fit for the company though, especially in light of the recent incidents such as high-profile accounts like the AP being hacked. Others, like the Burger King and Major League Baseball accounts have also been victims of hackings.
Two-factor systems, such as the ones sold from vendors like Symantec, RSA, and others, usually require both a password that a user knows and some randomly-generated code that is supplied to them, and are an industry-accepted best practice security technique.
Sign up for CIO Asia eNewsletters.