How can Okta prevent highly coordinated attacks that impact verified Twitter accounts?

    Who was impacted?

    On July 15, 2020, several verified Twitter accounts of famous people and companies were breached and hacked. Companies and individuals such as Apple, Elon Musk, Bill Gates, Jeff Bezos, Barack Obama, and others. These hackers published tweets from these accounts soliciting donations via Bitcoin. An example of a tweet read: “We are giving back to our community. We support Bitcoin and we believe you should too. All Bitcoin sent to our address below will be sent back to you doubled.”

    With famous companies and individuals having a huge impact on others, the posted tweet within the first three hours of the attack went on and deceived people into sending more than $118,000 to the scammers. Bitcoin is a popular cryptocurrency used by scammers because it is virtually impossible to recover the lost funds.

    Twitter then stated that verified accounts will be capable of tweeting until the issue is resolved and have also disabled some account features such as password reset requests.

    How to secure your Twitter account

    • Create a strong Password

    • Twitters Two-factor authentication twitter two-way authentication

      • Check boxes for additional authentications
        • Text message
        • Authentication app
        • Security key
    • Never let your browser save your password browser save password for twitter

    How to Secure your Twitter account when using Okta

    As a User of Okta your organization may have restrictions on whether you have permission to add applications to your dashboard. Some applications may just be assigned. Either way to secure your Twitter account using Okta an administrator needs to set up the application to have App Rules.

    How to add App Rules in Okta

    When signing into Okta

    • Application
      • Locate or search for Twitter
    • Sign On Okta Application sign on for Twitter

    Different rules can be applied. The first thing to do is to Name the Rule

    • Rule Conditions consist of
      • People

      • Location

      • Client (Devices) Okta app rules

      • Access - Even though Okta is known to be a Single Sign On service, you can always add additional authentication.

        • To add a more secure way to access your Twitter account
          • An option recommended is to Prompt for Re-authentication for Every sign on
          • Make sure to click “SaveOkta Actions App rule

    When the Application Rule is set up in Okta, trying to sign in to that application routes you to an extra verification. In this case, we use Okta Verify as our Multi-factor authentication. Okta twitter chiclet

    Send Push” and using your Okta Verify application, then answer the notification “Yes, It’s MeMFA okta verify for twitter

    These extra verification process will allow you to have access to your Twitter with having the best possible secure way to not get breached or hacked.

    If you would like to learn more about Okta or how to get your organization started with Okta, give us a call 888-959-2825 and we would be happy to answer your questions.

    Talk to us

    Phone & Hours

    (888) 959-2825
    Monday-Friday: 9am to 5pm


    8117 W. Manchester Ave
    Suite 915
    Playa Del Rey, CA 90293