Twitter has added a new form of multi-factor authentication allowing security folks to use hardware-backed 2FA on Android and iOS, which is considered more secure.
Starting today, users can now use their hardware 2FA keys to secure and login into their accounts. Previously the company only allowed users to use hardware-backed 2FA keys on desktop.
“Protecting your account on all of your devices is important. We’ve updated two-factor authentication so you can now log in with your physical security key on Android and iOS, like on desktop,” the company said.
This is an addition to other MFA forms the platform already offers, such as Auntheticator apps, like Authy and Google Authenticator, and SMS-based 2FA. The latter isn’t commonly recommended these days due to the proliferation of sim jacking, commonly known as sim swap fraud that has emerged as a global security threat at some point. Kenyans have also been affected immensely by this menace.
In fact, Sim swap frauds made Twitter start allowing users to add 2FA without including their phone numbers that were originally required for account recovery and backup. But the company also found an additional purpose for phone numbers as well: ad-targeting.
How to Sign in to Twitter via Physical Security key
To sign up for hardware-based 2FA, you need to enable sign in via Authenticator or text message as one of your two-factor authentication methods first.
Head over to the Settings and Privacy > Security and Account access > Security > Two-factor authentication to turn on text-based or Authenticator app-based 2FA.
Next, select Security Key > Start and Insert your physical security key to your computer’s USB port or phone’s USB port and follow the instructions to finish the setup.