Sidebar Ads

How to Use Twitter Best Security Feature

Twitter has just made a major tweak to its best security feature. Now, you don't have to hand over your phone number to Jack to use it

Twitter has just made a major tweak to its best security feature. Now, you don't have to hand over your phone number to Jack to use it.

Multi-factor authentication is one of the best ways to prevent someone else from accessing and hijacking your account. Where available, it should always be enabled. 

Twitter for iOS gets Dark Dark mode "Lights out"

Although Twitter has received 2FA authentication for years, the company announced on Thursday that users can now use 2FA without associating their number with their account. 

Furthermore, the online Twitter producer Kayvon Beykpour tweeted Twitter so that users who linked their number to their account, as well as app-based authentication, can remove their numbers and keep 2FA enabled.

Twitter provides three ways to secure your account: through an SMS text message, through an authentication application like Authy or Google Authenticator, or with a physical security key. 

The important thing to know is that while any two-factor authentication is better than nothing, it does not provide the same level of security.

SMS authentication texts can be intercepted by stealing the SIM card by bad actors trying to control the account. 

Although a physical key may be the most powerful way to protect against hacking, authentication apps are a powerful option - the best and easiest way to secure your account without using a physical key.

Twitter best mistakenly shared location data for some iOS users

To access these tools, head to the Settings section of your Twitter profile. On the Account tab, you'll see the Security section, click the Verify sign-in option, and scroll down to the Verification methods section. 

If you decide to enable 2FA using your phone number - again, this is not necessarily the best option but much better than no two-factor authentication at all - you'll need to verify your phone with a text code.

Your best bet is to go to the Apple App Store or Google Play Store and download a compatible authentication app (Google Authenticator, Authy, Duo Mobile, 1Password and more), which you can use to pair with your Twitter account and any other 2FA-based app. Once you get one, here's what you'll do:

  • In Two-factor authentication settings, select Apply authentication.
  • You should see a message about using "A compatible authentication app to get an authentication code when you sign in to Twitter." Click Start.
  • Enter your Twitter password, and then click Verify.
  • Twitter will display a QR code. Open your authentication app and check the QR code to link your account. Click Next.
  • Enter the authentication code shown in your app, and then click Verify.
  • You should then see a note from Twitter stating that you are "all set". Click Get.

As Beykpour has noted, you'll now be able to uninstall your phone number if app authentication is enabled - be sure to do so also after enabling 2FA based app. 

(As Engadget explained, the Twitter software engineer said that the second method is, for the time being, still required for those who use physical keys because they are not supported off the web.)

Gizmodo communicates with Twitter to see if the company is storing mobile numbers removed from accounts or whether this data was immediately deleted. 

The company did not immediately return a request for comment, but we will update this post when we hear feedback.

In short, always use 2FA, and enable app authentication where available.

Source: Gizmodo


Post a Comment