- Soren's Newsletter
- Posts
- X Alternate Identity Verification Feature
X Alternate Identity Verification Feature
Using weird personal info, of course
Yesterday was… in a word, stressful.
Someone took over my X (Twitter) account and started trying to scam people by acting like they were selling Macbook Pros and asking my followers to DM with their payment information. As of this writing, I’m still waiting to get my account back.
I’d like to make it clear that I will never ask you to give me your credit card information directly. I process payments through secure, encrypted channels like Square or Stripe. This is for your security and also my own sanity when trying to manage multiple concurrent payments.
As I stewed in anxiety and panic yesterday afternoon I started thinking about other potential avenues for identity verification. One of my favorites is the age-old “security question” where you provide an answer to a vague question like “What was your high school mascot.”
Since I had time to kill without access to social media, I made a mockup. What if X required you to verify your identity through a weirdly personal and intrusive security question that only you could know?
The immediate problem with this is that a hacker can just guess and have a 1 in 3 chance of getting the right answer on their first try. Also, to ask a question like this they’d need to be surveilling you constantly which isn’t very cool.
All that said, if you haven’t updated your passwords in a while I highly recommend doing so. Here’s hoping there are no more hacks on any of my accounts in the months ahead.
Have a friend who’s dealt with a hacked account? Send them this newsletter.
Reply