Fixing Authentication on Ancient Twitter


Let's roll back the clock a bit and indulge in a counterfactual exercise.  In class, I noted that Twitter was sanctioned by the FTC for a variety of authentication-related problems. Assume that you're a security specialist at Twitter and that you've discovered the problems before they become critical. That is, you've realized the issues with bad passwords, password storage, etc., before anyone has exploited the weak authentication and created mischief. Your job is to write a memo to top management explaining the problem, the risks, and your proposed solution.


However...


Top management—the CEO, the CFO, and the Board of Directors—is composed of very busy, semi-technical people. Therefore, your note may be at most two pages long (1" margins, no font smaller than 12-point). The note must explain:



Again: two pages max, written for a semi-technical audience.


This homework must be submitted via Courseworks as a PDF file.