**Gregory P. Smith (he/him) 🚲🦝** @gpshead@infosec.exchange · Jan 11, 2024, 04:14

**Gregory P. Smith (he/him) 🚲🦝** @gpshead@infosec.exchange · Jan 11, 2024, 04:14

Gregory P. Smith (he/him) 🚲🦝 @gpshead@infosec.exchange

Jan 11, 2024, 04:14

Gregory P. Smith (he/him) 🚲🦝 @gpshead@infosec.exchange

The U.S. SEC's twitter account “did not have two-factor authentication enabled”. In 2024. For reals.

#SEC #security #fail #2fa #LackOf

**Paul Ganssle** @pganssle@qoto.org · 2024-01-11T04:59:00Z

Paul Ganssle @pganssle@qoto.org

@gpshead Interesting, I was not surprised by this because last time I checked, Twitter was only supporting SMS 2FA(and IIRC Twitter once used those numbers for advertising), which I assume is incompatible or massively inconvenient for an org account, but it seems like they have improved the situation a lot since then.

Jan 11, 2024, 04:59 · · Tusky · · ·

**Gregory P. Smith (he/him) 🚲🦝** @gpshead@infosec.exchange · Jan 11, 2024, 06:26

**Gregory P. Smith (he/him) 🚲🦝** @gpshead@infosec.exchange · Jan 11, 2024, 06:26

Jan 11, 2024, 06:26

Gregory P. Smith (he/him) 🚲🦝 @gpshead@infosec.exchange

@pganssle
The sadder part is that any US govt agency has Twitter accounts at all. What a waste.

Trending now

Resources

Developers

What is Mastodon?

qoto.org

More…