Twitter urges better security after spate of account hacks

Twitter has advised businesses using its site for corporate accounts to ensure they choose strong passwords and watch out for nefarious activity after two high-profile accounts were hacked.

Earlier in the week Burger King saw its accounts hacked, forcing it to take it offline for a number of hours, while car firm Jeep was the second firm to be hit on Tuesday evening.

In response, Twitter's director of information security, Bob Lord, has urged those running their accounts to ensure they have strong, hard-to-guess password so they don't fall foul of any similar issues.

"Over the past couple of days, there's been a fair amount of conversation about account security on Twitter. We thought we'd take advantage of this moment to remind you of best practices around passwords - both on Twitter and on the internet generally," he said.

The advice includes using a strong password of at least 10 characters using upper and lower case characters, numbers, and symbols.

"You should always use a unique password for each website you use; that way, if one account gets compromised, the rest are safe," it added.

Other advice included watching out for suspicious links and to check the URL of the site you're on before entering key credentials.

"Whenever you are prompted to enter your Twitter password, just take a quick look at the URL and make sure you're actually on Twitter.com. Phishing websites will often look just like Twitter's login page, but will actually be for destinations other than Twitter," Lord wrote.

Other basic advice included making sure not to give out login details and keeping the computers being used to run the accounts up-to-date with software and security updates and patches.

While the suggestions made by Twitter are hardly ground-breaking they do underline the importance of good basic security practices in all areas of a business to avoid silly mistakes harming reputations or causing financial damage.

While the blog post shows Twitter is aware of security issues with its site, it ignores repeated calls that have been made for two-factor authentication to be added to the site to give accounts holders better security.