The @POTUS twitter account, one of the White House’s main social media accounts appears to be controlled by a user with a personal gmail account, the PBS NewsHour has confirmed.
The Next Web first reported on the apparent vulnerability of several accounts associated with the new White House earlier today. The finding was widely shared on Twitter by technology journalists.
In addition to being linked to a personal gmail account, the Twitter account appeared to have the lowest possible level of security, foregoing settings that would require a user to enter additional personal information to reset the password on the account.
As we put together this report, the account appeared to be in the process of upgrading to a higher level of security.
In its earlier form, the account did not have two factor authentication enabled. Two factor authentication adds an additional layer of security by limiting access to users through identity verification.
The Electronic Freedom Foundation, a nonprofit that advises organizations on online security practices states that “Two-factor authentication can help mitigate the damage of a password breach or phishing attack.” Many of the highly visible email hacks that occurred over the course of the 2016 presidential campaign were the result of successful phishing attacks on personal email accounts.
This is a developing story. We are pursuing comment from the White House. Morgan Till contributed to this report. Note: the time on the second screenshot was updated to reflect that it was taken at 12:59 p.m.