For the past week, the official @POTUS Twitter account has been linked to a private email address, raising serious questions about the security of the closely watched account. The link was first discovered by a security researcher, WauchulaGhost, who reported similar weaknesses in the @FLOTUS and @VP accounts. Users can see the first letters and associated domain of the accounts by attempting to log in and choosing the Forgot Password option. The account was moved to Whitehouse.gov addresses at roughly 1PM today, after many observers had raised questions about the security of the Gmail address.
It’s unclear whether compromising those email addresses would give an attacker access to the accounts. Twitter has long-supported two-factor authentication, and high-profile accounts often have far more sophisticated protections in place. (Twitter did not respond to a request for comment.) President Trump has drawn criticism from many in the security world for apparently continuing to use his unsecured Android phone, while his senior staff has drawn similar fire for maintaining private email accounts at the RNC.
President Trump’s habit of directly criticizing companies and public figures on Twitter has led to fast and significant stock market shifts, leading many to watch his accounts closely for activity.