Passwords are used to protect our bank accounts, our gaming accounts, our social network accounts, email accounts, and so on. Previously most websites would require users to enter a username and password to access their account, but lately security has been stepping up where there are now two-factor authentication methods.
This means that not only do you have to enter your password, but you will have to enter an additional code that can be generated and sent to your mobile device or via a dongle that generates a security code for you, but is two-factor authentication enough these days? Well a report for The Wall Street Journal, Christopher Mims, decided to put it to the test by releasing his Twitter password in his article.
So far his Twitter account appears to be safe and not hacked, despite many users attempting to log into his account. However as noted by Forbes, his phone was soon spammed with authentication codes till the point where he had to change the number associated with his account. In fact when Forbes tried to get in touch with him, they got a message saying that his line was out of service.
On one hand it did a good job at proving that the two-factor authentication does work, but at the same time the spam of authentication codes could be thought of as a form of DDoS, unless Mims decided to turn it off voluntarily, but what do you guys think? Was it a smart move just to prove a point?