The Transform Technology Summits start October 13th with Low-Code/No Code: Enabling Enterprise Agility. Register now!

Last month’s big hack has given Buffer a crash course in security.

The social sharing app suspended its service last month after a hack let attackers post on user’s Facebook and Twitter accounts.

Now, Buffer says it’s learned a lot from the experience and is bolstering its app security so that a the hack can’t happen again. For one, Buffer users can now turn on two-step login, which lets them require an extra security code each time they log in.

The logic behind two-step login and authentication, the latter of which most of the big tech companies have adopted, is that hackers have a much harder time getting into your account if they need two factors — your email address and a security code — rather than just one. It’s not foolproof, but it’s better than the alternative.

Alongside two-step login, Buffer says it’s also resetting breached credentials and encrypting the access tokens that lets it post to users’ social media accounts. Buffer also says it’s forcing its team members to turn on two-factor authentication for their own Google, Github, and Dropbox accounts, which, frankly, they should have already done. But let’s focus on the positive!


VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative technology and transact. Our site delivers essential information on data technologies and strategies to guide you as you lead your organizations. We invite you to become a member of our community, to access:
  • up-to-date information on the subjects of interest to you
  • our newsletters
  • gated thought-leader content and discounted access to our prized events, such as Transform 2021: Learn More
  • networking features, and more
Become a member