Twitter has finally done something about all the high-profile accounts hacks its been seeing, introducing a form of two-step authentication in order to help users better secure their accounts.

The security measure means that those who activate it will be required to enter a second, six-digit passcode sent via SMS each time they attempt to login to their accounts from an unknown device. Users can activate login verification by heading to their account settings page. Select the “Require a verification code when I sign in” option, provide your email address and phone number, and then click on the email verification link Twitter sends to finalize the activation.

Twitter states in a blog post that two-step authentication won’t affect user’s existing applications:

“If you need to sign in to your Twitter account on other devices and apps, visit your applications page to generate a temporary password to log in and authorize that application,” it says.

The delayed roll-out of two-step authentication comes following series of high-profile hackings on Twitter in the last few months, many of which were carried out by the so-called Syrian Electronic Army in support of President Bashar Assad’s regime. The most recent attack saw the SEA take control of a Twitter account belonging to satire news site The Onion. It was later revealed that the hackers gained access using simple phishing tactics that involve sending a fake email containing a link to a malicious website. A number of staff members fell for the trick, logging into the fake site and passing their Twitter login details to the SEA in the process. Presumably, had The Onion been using two-step authentication, the SEA wouldn’t have been able to access its account even if it had the password.

In a separate development, within hours of Twitter announcing its new security measure, Megaupload founder Kim Dotcom asserted that he owned the copyright behind two-step verification, and that US companies including Twitter, Facebook, Google and others were infringing on his copyright.

“Massive IP infringement by US companies. My innovation. My patent,” he tweeted.

However, Dotcom suggested that he was willing to overlook this infringement if the companies supported him in his ongoing legal battle with the US Department of Justice:

“All of our assets are still frozen without trial. Defending our case will cost USD 50M+. I want to fight to the end because we are innocent,” he added in a later tweet.

Dotcom isn’t the only person to have claimed ownership of the technology behind two-step verification. Just last month, following the launch of Microsoft’s own two-step authentication service, a company called StrikeForce technologies sued one of its subsidiaries for infringing on its patents. StrikeForce, which is based in New jersey, claims to be the sole patent holder for “out-of-band authentication”. It said that Microsoft isn’t the only company on its hit list, promising to expand its lawsuit to other technology firms offering two-step authentication “at a later date”.

Not that Twitter seems too bothered about these allegations. The company said that although its been slow to roll-out the service, the threat of patent suits was not the reason why. Instead, it claimed that the delay was because they wanted to be able to integrate other security features in future.

“Much of the server-side engineering work required to ship this feature has cleared the way for us to deliver more account security enhancements in the future,” said Twitter on its blog. “Stay tuned”.