While beating two-factor authentication is no easy feat, it is certainly possible. What it would take is your phone service provider getting fooled by someone claiming to be you.

…anyone attempting to get into his Twitter account would have to have not only his password but a second code texted to his cell phone. Well, the hackers got his cell phone, too. It’s surprisingly simple for hackers to gain access to your entire mobile account. Just this week, the Federal Trade Commission’s top technologist Lorrie Cranor recounted to WIRED how hackers were able to hijack her account to buy new phones under her name, deactiving her family’s phones and sending her scrambling to lock down her account.

Comments

Source: [H]ardOCP – Twitter Hack Reminds Us Even Two-Factor Authentication Isn’t Enough