Twitter's advice to media after high-profile hacks
Twitter's advice to media after high-profile hacks
4:30

Twitter's advice to media after high-profile hacks

Tech Industry
-Hello and welcome to Inside Scoop. I'm Sumi Das and joining me is Seth Rosenblatt. -Thanks. -Thanks for being with us. -Thanks for having me on again. -He's Senior Writer for CNET. And today, we're talking about Twitter and this high-profile hacks that have happened recently. -Uh huh. -AP News got hacked. CBS got hacked- -Our game former player. -Exactly, that hits close to home. -Uh huh. -And now, Twitter has released this memo, it happened on Monday. -Uh huh. -Tell us what this memo said. -Basically, it's said to companies "You're responsible for your own passwords. Good luck." -But some good advice in this memo, right? Basically-- -Absolutely. -it was sent to journalist and people that might be targeted in the future. -Uh huh. -Twitter has had a problem with spear-phishing. So, explain what "spear-phishing" is, first of all. -So, "spear-phishing" are phishing attacks that are directed at specific people using information that they are likely to recognize as familiar. So, that they are basically more susceptible to the phishing attempt which is where they enter-in their password or other authentication information into a website that looks real but in fact, is they are just to steal their information. -Okay. So, what should people be doing with their passwords? What constitutes-- -That is-- -to the strong one, what constitutes a weak one. We get these advice all the time and-- -We do. -it seems like-- -It will-- it's a big deal. Traditionally, people think of having one-word passwords with a lot of funny characters in them; pound signs and dollar signs and percent signs and-- -That's no big-- -and capitals and numbers, and things like that. There're actually very hard to remember. -Yes. -And not only that and which is actually much worse, they're very easy for machine-logic to guess. The way to do it actually is to go in the other direction, choose a password that's easy to for you to remember,-- -Okay. -but harder for a machine to guess and one of the best ways to do that is to choose a multiword password that uses spaces. It's less important, although it's helpful, to have funny characters in there but if you have four random words as your password, that's really the best way to go. -And you're saying you can use spaces in your password. This is actually information and news to me. -Yeah. -So, that's acceptable for Twitter. You can put spaces in your password. -Twitter supports it, Facebook supports it-- -Okay. -Google supports it. I don't believe that Microsoft does but Microsoft does support two-factor authentication, which a lot of other services also support. -And what is Twitter doing, I mean, besides saying "Create stronger passwords"-- -Uh huh. -and "Change your passwords"? What-- they're actually doing some-- taking some security measures on there in too? -They are. They are apparently working on two-factor authentication. -Uh huh. -That's a big step. -Yeah. Let's explain what that is. -Sure. So, two-factor authentication, or 2FA as it's called, involves using two of three different kinds of information to authenticate that you are who you say you were when you're logging in. -Okay. -There's a knowledge component. So, that can be a password or a pattern or a pin number. There's a physical component, an ATM card or a Smart card of some kind, or there can be a biometric components such as a fingerprint. -Okay. Twitter doesn't have this yet. -Does not. -Do we know when it's coming? -We don't. -Okay. -There are a lot of services that do offer it. Google has it, Facebook has it, Amazon Web Services has it, Dropbox has it, Microsoft has it, Hotmail, Yahoo uses it. There's a lot of high-profile services that do use 2FA which is great, however 2FA is still susceptible to spear-phishing which is kind of phishing that's been used in the past to get people's Twitter account passwords. And at the end of the day, there is no such thing as a 100% secure authentication method. -If you're not a member of the media,-- -Uh huh. -you're not a journalist,-- -Uh huh. -should you be worried about these, sort of, spear-phishing attacks? -I think you should be concerned. I think it's always important for people to remain vigilant about opening emails. It's less of a concern now with attachments whenever one is using a webmail. It's much more important that when you look at an email, they, you know, you're taking a look at who it's coming from, the domain of words coming from, the link. If you click on a link, before you do, take a look at it, see where it's going. If it says something like being that or something weird and you're looking for your bankofamerica.com-- -Right. -then you've got a problem and you probably just to leave the email. -Right. Okay. All right. So in the meantime, we'll just keep watching for Twitter to release that two-factor authentication. -Absolutely. -Seth, thanks you so much. -Thanks a lot. -For Inside Scoop, I'm Sumi Das. Thanks for watching.

Up Next

Samsung Note 8 will try to win back burned Note 7 fans
jessica-1

Up Next

Samsung Note 8 will try to win back burned Note 7 fans

iPhone 7 breaks Apple's sales records
inside-scoop-cnet.jpg

iPhone 7 breaks Apple's sales records

Apple's all about the MacBook on October 27
ismacbookcnet.jpg

Apple's all about the MacBook on October 27

Apple set to focus on iPhone at September 7 event
isapple97.jpg

Apple set to focus on iPhone at September 7 event

What the Verizon-Yahoo deal means for users
yahooverizon.jpg

What the Verizon-Yahoo deal means for users

What to expect at Apple's WWDC 2016
16n0607insidescoopwwdc.jpg

What to expect at Apple's WWDC 2016

Inside Scoop: Tim Cook talks privacy at Apple's shareholder meeting
inside-scoop.jpg

Inside Scoop: Tim Cook talks privacy at Apple's shareholder meeting

Inside Scoop: What will be the hottest phone from Mobile World Congress?
insidescoop.jpg

Inside Scoop: What will be the hottest phone from Mobile World Congress?

Ripple Maker gives us a taste of our face
ces1681insidescooppart1still.jpg

Ripple Maker gives us a taste of our face

What's that smell? This alarm clock
ces1681insidescooppart2still.jpg

What's that smell? This alarm clock

Tech Shows

The Apple Core
apple-core-w

The Apple Core

Alphabet City
alphabet-city-w

Alphabet City

CNET Top 5
cnet-top-5-w

CNET Top 5

The Daily Charge
dc-site-1color-logo.png

The Daily Charge

What the Future
what-the-future-w

What the Future

Tech Today
tech-today-w

Tech Today

Latest News All latest news

Did a Week With the Apple Watch Make Me Use My iPhone Less?
240419-site-does-having-an-apple-watch-make-me-use-my-iphone-less-4

Did a Week With the Apple Watch Make Me Use My iPhone Less?

How Google Tests the Cameras in Its Pixel Phones
240417-site-google-pixel-lab-exclusive-1

How Google Tests the Cameras in Its Pixel Phones

Boston Dynamics' New Electric Atlas vs. Tesla's Optimus
240419-wtf-atlas-vs-optimus-v04

Boston Dynamics' New Electric Atlas vs. Tesla's Optimus

What is the Fediverse?
240418-fediverse-winged

What is the Fediverse?

The Missing Piece to Apple's Eco-Friendly Mission
240418-site-omt-the-core-problem-of-apples-green-goals-v1.jpg

The Missing Piece to Apple's Eco-Friendly Mission

First Drive in the All-Electric 2024 Fiat 500e
240417-site-fiat-500e-ev-drive-program-thumbnail-v3

First Drive in the All-Electric 2024 Fiat 500e

Most Popular All most popular

First Look at TSA's Self-Screening Tech (in VR!)
innovation

First Look at TSA's Self-Screening Tech (in VR!)

Samsung Galaxy S24 Ultra Review: More AI at a Higher Cost
240123-site-samsung-galaxy-s24-ultra-review-4

Samsung Galaxy S24 Ultra Review: More AI at a Higher Cost

'Circle to Search' Lets Users Google From Any Screen
circlesearchpic

'Circle to Search' Lets Users Google From Any Screen

Asus Put Two 14-inch OLEDs in a Laptop, Unleashes First OLED ROG Gaming Laptop
asus-preces-00-00-25-11-still003

Asus Put Two 14-inch OLEDs in a Laptop, Unleashes First OLED ROG Gaming Laptop

Samsung Galaxy Ring: First Impressions
samsung-galaxy-ring-clean

Samsung Galaxy Ring: First Impressions

Best of Show: The Coolest Gadgets of CES 2024
240111-site-best-of-ces-2024-1

Best of Show: The Coolest Gadgets of CES 2024

Latest Products All latest products

2025 Audi Q6, SQ6 E-Tron: Audi's Newest EV Is Its Most Compelling
cnet-audiq6

2025 Audi Q6, SQ6 E-Tron: Audi's Newest EV Is Its Most Compelling

Hands-On with Ford's Free Tesla Charging Adapter
pic3

Hands-On with Ford's Free Tesla Charging Adapter

Nuro R3 is an Adorable Self-Driving Snack Bar
240320-site-nuro-r3-first-look-v1

Nuro R3 is an Adorable Self-Driving Snack Bar

First Look: The $349 Nothing Phone 2A Aims to Brighten Your Day
240304-site-nothing-phone-2-first-look-v3

First Look: The $349 Nothing Phone 2A Aims to Brighten Your Day

Best of MWC 2024: Bendable Screens, AI Wearables and More
240229-site-best-of-show-at-mwc

Best of MWC 2024: Bendable Screens, AI Wearables and More

This Concept Laptop from Lenovo Has a Transparent Display
240225-site-lenovo-translucent-laptop-concept-v3

This Concept Laptop from Lenovo Has a Transparent Display

Latest How To All how to videos

Tips and Tricks for the AirPods Pro 2
airpods-pro-2

Tips and Tricks for the AirPods Pro 2

How to Watch the Solar Eclipse Safely From Your Phone
screenshot-2024-04-03-at-15-47-11.png

How to Watch the Solar Eclipse Safely From Your Phone

Windows 11 Tips and Hidden Features
240311-site-windows-11-hidden-tips-and-tricks-v2

Windows 11 Tips and Hidden Features

Vision Pro App Walkthrough -- VisionOS 1.0.3
VisionOS 1.0.3

Vision Pro App Walkthrough -- VisionOS 1.0.3

Tips and Tricks for the Galaxy S24 Ultra
240216-site-galaxy-s24-ultra-tips-and-hidden-features-2

Tips and Tricks for the Galaxy S24 Ultra

TikTok Is Now on the Apple Vision Pro
tiktok-on-vision-pro-clean

TikTok Is Now on the Apple Vision Pro