The most powerful Twitter account in the world was apparently linked to a private Gmail account that may or may not be protected with two-step authentication.
A hacker known on Twitter as @WauchulaGhost told CNN that the president’s account was linked to a personal email account — most likely one belonging to Dan Scavino, his social media chief.
— WauchulaGhost (@WauchulaGhost) January 21, 2017
That means a hacker could potentially gain access to that Gmail account, which may have only a single layer of password protection, to ask Twitter to reset Trump’s password and then begin posting messages that could potentially move stock markets or start a nuclear war.
Twitter allows users — or hackers — to reset their password code through a hyperlink sent to the email account associated with the social media account.
That’s helpful when the account’s rightful owner forgets his or her password, but problematic when a hacker breaks in and locks out the legitimate user.
If two-step authentication is enabled, and there’s no indication that Trump uses that process to protect his account, a motivated or sophisticated hacker could still break in.
To make matters worse, Trump apparently sends his own tweets from an unsecured Android phone, according to the New York Times.
The consequences could be devastating if a hacker gained access to Trump’s account — which has 22.2 million followers and now the power and authority of the White House.
The possibility is also deeply ironic, considering Trump and his supporters frequently attacked his election rival, Hillary Clinton, over concerns about the security of her own online communications.