(Credit Peter Steiner)
A text-based communication tool adds a second layer of security – text-based, of course. Twitter is the perfect example of how a few words can have a huge impact. Use Twitter well and you join the ranks of celebrities. Use it poorly, and you join the ranks of, well, other celebrities. One thing is certain, you don’t want to have someone else misusing you account. Peter Steiner famously said in 1993, “On the Internet nobody know you’re a dog”. Loose access to your account, or type something wrong on your corporate Twitter feed, and you will quickly find yourself in the doghouse (as the Associated Press recently found out).
So, why accept that passwords are the weak link in safeguarding your users’ image-building, revenue-generating, customer-serving communication tool, while adding another text password mechanism on top of the first one? Not only is it cumbersome to Twitter users to spend extra time sending simple messages, but the level of security does not address a host of vulnerabilities associated with text-based passwords. Mathew Schwartz of InformationWeek.com finds five issues:
1. Dependency on a hardware device (don’t loose it!)
2. Lack of activation options on incompatible carriers
3. A phone can only secure only one account – too bad if you have more than one Twitter login.
4. “Group problem” for corporate accounts
5. Public Usernames Undermine Twitter Security Model
Tricerion image-based authentication would be a perfect answer to Twitter’s usability and security worries. Our simple to use mutual authentication system does not have the inherent problems of hardware-based or text-based systems. It’s pretty, it’s cool, it’s simple. Now I just need to re-write all this in 140 characters or less . . .