DEV Community

Discussion on: What are the major lessons from the Twitter hack?

Nishchal Gautam

not what was your pet's name or something

I don't know if you actually read my full reply or not. I said not like that; that can be public knowledge,

but questions like:

Which phone do you use to make most of the tweets? (The system knows this, and this isn't public knowledge.)
Which 2FA auth have you set up? (Same: the user doesn't set this as an answer, but things like: did you use SMS? Which phone number did you use? etc.)
When you got your account verified, which identity did you use? Did you use a passport? Or citizenship?
Which email did you use to create this account?
Tell me the phone number you've used on this account for 2FA.

Please tell me which of these questions you can work out, and if any of these aren't actually relevant for those people?

A pet name can be worked out, and not everyone has a pet, but you can't find Elon's phone number on a random site. And again, I'm saying: ask 5 of these questions, and only when they answer all 5 correctly, only then can the customer support person do anything to the account.

Please read the reply correctly first :) (not being toxic, just thought you didn't read it before jumping into attack mode)