Yesterday, Twitter notified it's followers and the press that a bug had potentially allowed some 330 million user accounts to have their passwords stored without encryption. They have advised users to change their passwords even though they believe no compromises of this data has occured. You can read the whole story via Twitter here
and the BBC News story here
I have indeed changed my Twitter password this morning - and I also went one step further, by securing my Twitter account with Multi Factor Authentication.
Now there's primarily two ways you could do this.
You could have the app integrated with Office 365 by assigning it to users through the Azure Marketplace
, but assigning multi factor authentication to gallery applications this way requires Azure AD Premum P1 or better licensing whether it is deployed by Administrators or available for users via self service. Plus it would also utilise your Azure AD identity for authentication and verification to Twitter.
The other way is to natively integrate it directly through Twitter. Microsoft has made great gains in ensuring the Authenticator app in the relevant app stores can provide both corporate, personal and third party app support through a single application pane.
So, now that you've woken up and changed your Twitter password this morning, here's how you protect your account with Multi Factor Authentication and the Microsoft Authenticator app.
Login to Twitter and go to 'Settings and privacy'
Select 'Set up login verification'
You will go through a process to get a verification code to your registered mobile device
Once you have entered the verification code and completed this process you'll be able to review your login verification methods for Twitter
From here you'll be able to select a 'Mobile security app' to protect your Twitter account
Select it and start the process
Twitter will provide a QR code which you can use with the Microsoft Authenticator app to add your Twitter account
Open the Microsoft Authenticator account on your mobile device and select 'Add account'
Select 'Other account (Google, Facebook, etc.)
Once you have scanned the QR code in, Twitter will be added to your Microsoft Authenticator app
Back at Twitter, you can now add the code for Twitter from the Microsoft Authenticator app to complete the process
And that's it. You're all set up!
You can now use the Microsoft Authenticator app for your Azure Active Directory MFA requests, and your personal accounts and personal apps like Twitter.