Poor Elmo. The adorable, perpetually, the character of Street of Sesame, 3 years old, loves us, but someone clearly does not like the Red Guy in fur. The pirates resumed its popular X account (formerly Twitter) on Sunday and published resolutely non -Elmo content. It is surprising for a character and a platform that focuses on teaching us a basic social media rule: always set up authentication with two factors.
All deeply offensive messages have since been removed from the Elmo account, which has more than 684,000 subscribers, and although Sesame Street has publicly commented on the hack, the Elmo account has been silent for 48 hours.
To think, all of this could probably have been avoided if Sesame Workshop, who manages the account, had learned a simple lesson.
T is for two factory authentication.
If you have a blue check (or an official color check) on your X account, you are probably a target. Elmo’s account is verified, although we think it should be a red check. For a while, it was difficult to identify the accounts verified because the CEO of X Elon Musk removed them in 2023, demanding that anyone who wanted a pay $ 8 per month. He sold a year later, and accounts like Elmo obtained their checks. It was good news, except for the fact that the hackers immediately knew who target exactly that targets.
Acting in the verification was two -factor authentication, or rather how you can check. X has completed the SMS (text -based) verification for non -paying members and rather promotes codes and safety keys.
But I’m getting lost. It helps to explain authentication with two factors (also known as 2 factors and 2FA) in a way that Elmo can understand.
Elmo likes to learn
Elmo. Elmo, look at me. Please stop playing with this puppy and look at me.
Yes, yes, I know, “Elmo loves me.” Please listen.
Do you know that the X account that you like to use so much, the one where you offer hugs and ask everyone to go out and play?
I know, well, his name was “Twitter”. No, I don’t know why they changed the name.
Let’s focus.
Your X account has your name and you use it by logging in, right?
Yes, Elmo, you did a very good job with that. I see you on the account every day, so you clearly know how to connect. It’s very good, Elmo.
But, Elmo, your account is missing something.
No, wait, Elmo, don’t run out to find it. This is not something you have abandoned.
You have to make yourself more difficult to connect. You need to add something called “two -factor authentication”.
More difficult is sometimes a scary word, but not this time, and, yes, “authentication” is a big word. I can help.
Safety ABCs
It’s simple, Elmo, when you connect to your account, you will also need your phone with you to generate a code.
Yes, Elmo, I see your phone. It’s very nice. I know you don’t use it all the time. You are good on this subject.
Authentication with two factors simply means, Elmo, that when you connect, there is a second step (or a factor) that you must accomplish before you can use your account again.
First of all, you must activate two-factor authentication on your X account. This means that you will need the email you have used to create the account. Ask adults from the Sesame workshop to find it. They will also have to enter the password, then check the use of a secondary connection method.
Now, Elmo is where it becomes a bit complicated. Once it is configured, after you connect – Elmo, stop playing with Tango for a second and look at me – Twitter will ask you for a code.
I use, and I think you could also, the Google authenticator
App. Once it is configured, after trying to connect (you or an adult of trust, Elmo), you will be asked for a code. You just open the Google Authenticator application and take the code displayed for X, then enter X.
After that, Elmo, you’ve finished.
Yes, yes, Elmo, it’s exciting. No, I don’t think it’s fun, but it’s good if you do.
Make a hug at 2fa
Okay, I think Elmo understands.
I hope you do it. The technology here is simple: a hacker cannot connect to your account without this secondary check system. They need this code, which only comes from the application and the phone in your hand.
I promise that the pirates will try and you could receive emails on their attempts, but they will probably fail because the hackers do not have this code and cannot finish the connection. In addition, 2FA is not only for X; This is a precious safety tool for any online account, including emails, banks and working accounts.
Another thing for you and, oh, elmo, come back here for a second. Everyone should change their passwords every six months. This makes pirates that have raised your information difficult in a data violation to use the old passwords to access your accounts.
I know, Elmo, you love us. We also love you.
