Why Twitter Can't Even Protect Tech CEOs From Getting Hacked

Over the past few weeks, we have seen a number of CEOs -- including Google's Sundar Pichai, and Facebook's Mark Zuckerberg -- become victims of Twitter hacks. One must ask, what's wrong with Twitter that so many people -- including high-profile names -- keep getting hacked? BuzzFeed dives deep into the problem, and says it's how Twitter interacts with third-party apps that's at fault. From the article:Over the past several weeks, however, a three-person hacking team called OurMine has made clear that years after the problem first came to light, third-party authentication is still a security nightmare for Twitter. By gaining access to apps with third-party write access, OurMine has been able to post to the Twitter accounts of tech bigwigs like Facebook CEO Mark Zuckerberg, Google CEO Sundar Pichai, and Uber CEO Travis Kalanick. In other words, whichever write-authorized app connected to your Twitter is least secure is exactly how secure your Twitter account is. [...] The public nature of Twitter, whose main point is to share information as quickly and widely as possible, has made these attacks a much bigger issue for Jack Dorsey's company than they are for Facebook. And there's very little Twitter can do to solve the problem that doesn't defeat the incentives for third-party writing privileges in the first place: Speed and functionality. Adding layers of security -- like an extra login -- to access Twitter through a third-party app defeats the purpose of speedy cross-platform sharing. And disabling third-party writing would anger developers and hurt engagement, a cost Twitter probably isn't willing to bear.

Why not create an invisible VIP-account class

[codemaster2b]

While you can't fix the general weakness of the platform, there's nothing stopping Twitter from slapping on a "VIP" mark on special accounts, which will make any attempt to change passwords, etc, take extra steps and authentications.