FTC announced a new data security settlement today, one of the first under Khan's admin. The order has a couple of new provisions that FTC watchers will want to look at closely. https://www.ftc.gov/news-events/news/press-releases/2022/03/ftc-takes-action-against-cafepress-data-breach-cover?utm_campaign=ftc_takes_action_against_&utm_content=1647365644&utm_medium=social&utm_source=twitter

First, CafePress is banned from authenticating users via security questions (like what's your mother's maiden name or what's your favorite pizza topping), and needs to use multi-factor authentication instead. https://www.ftc.gov/system/files/ftc_gov/pdf/Residual%20Pumpkin%20Agreement%20Containing%20Consent%20Order.pdf

Security questions are not a great practice. The answers can often be deduced, they get exposed in breaches, and many sites re-use them and won't let you change them after you register. This is the first time FTC has explicitly called them out.
On multi-factor, the order doesn't expressly prohibit SMS, but strongly suggests that another more secure protocol should be used instead (authenticator apps, security keys, etc).
Finally, the order requires CafePress to establish data minimization policies going forward. That's a bit unusual in a data security order and could be a nod to where the FTC is headed with rulemaking down the road...