How cute is this?
So yesterday I made a blog about me taking down automatic twitter notifications to my inbox..
So what does some punk do?
He tries to reset one of my Twitter accounts at 2 in the morning.
Little did that person know that I’m a deranged nightowl and I never sleep; so I hopped on the problem like a duck on a june-bug.
Now anyway, if I was still in highschool I’d work on calling #fatTony to ensure that justice is served, but now adays I care primarily about just defending my accounts.
I ignore the haters.
Anyway, I couldn’t call myself Mr Computer Science without giving you a few tricks as to hardening your Twitter account from #spineless hackers.
Twitter Account Hardening 101
By default, your password should be super hard to guess or bruteforce; I’m talking 30+ characters with upper/lowercase letters, numbers, and at least a few special characters.
If you’re interested in studying the hardcore science of password permutation logic, then check out this gnarly post I made below:
https://www.mrcomputerscience.com/password-permutation-logic-password-hardening
PS: I remember some kid in calculus class once told me “password cracking doesn’t work; because all verification systems have numerical limits” – Well, smart guy, the key to a successful password cracker is bypassing the numerical limitations; in otherwords finding a method to verify account authentication without it activating the counter. Possible? Yes; but if I told you more I’d have to kill you.
(Speaking of password cracking, it was obvious someone tried to crack mine because right around the time of my password being reset, I was unable to log into my account without captcha; a classic method of password cracking limitation. AKA; someone was trying to bruteforce my password).
In any event, in addition to a super strong password, there’s something you need to know about password resets and Twitter accounts.
Anyone can activate a simple password reset on your account by default!
A little spooky right? Unless you modify your account settings, any lamer can come along and request a password reset.
In order to change that, Twitter (thankfully) has a setting you can alter that requires people to know your email address or phone number in order to initiate a change.
Now this isn’t as powerful as say two tier authentication but it’s much more secure than not having it.
That way some lamer can’t come along and just try to reset your password; they’ll have to know your email address and phone number too.
So, your account is exponentially more safe, unless of course your local system is keylogged, ratted, or backdoor’d.
Anyway, to enable that Twitter setting just access your settings control panel within Twitter.
And from within your control panel, scroll all the way down to find “Require personal information to reset my password”. and check that bad bear.
Now, consequently, nobody can initiate a password reset without knowing your attached email address or phone number.
Now, if you’re not very good with logic, this won’t prevent your crazy girlfriend from hacking your account, but will stop the typical shmuck who follows your blog from changing your password.
🙂
Anyway, stay safe guys.
And stay cool.
Happy Friday.
Cheers
Mike
Mr. Computer Science