How to protect your Twitter account without SMS two-factor authentication
Twitter will soon be removing the option for text message two-factor authentication to all but those subscribed to Twitter Blue. But fear not, there are other ways to secure your account.
Also: Why is Twitter turning millions of accounts into defenseless targets?
There are two alternative options available to you, and both of them offer better security than SMS-based two-factor authentication:
These security options are a bit buried in the user interface, but can be accessed by going to Settings and Support then Setting and privacy, followed by Security and account access, then Security, and finally Two-factor authentication.
Also: How to use Microsoft Authenticator as your password manager
Note: These instructions are the same whether you are using a web browser, or the app for iOS, Android, Windows, or Mac.
This is the screen you are looking for:
Let’s take a look at how to set up each of these options.
How to set up an authentication app
Here’s how to secure your twitter account using an authentication app.
You’ll need an authentication app first.
There are loads, from the ubiquitous Google Authenticator and Microsoft’s authenticator app. For Android there’s Aegis. There’s also a cross-platform app called Authy, and then there’s those built into password managers such as Bitwarden.
All the apps listed above are free.
There are a lot to choose from. If you’re already using one, you’re good to go, otherwise you need to download and install one for use.
Start the process and you’ll be asked to scan in a QR code.
If you can’t scan in the code, you can enter a text code into your authenticator app which does the same as the QR code.
To make sure that you’ve correctly added your Twitter account into your authenticator app, Twitter will ask you to enter a confirmation code that your authenticator app spits out.
If the confirmation code is correct, you’re done (if not, try a new code, and if that doesn’t work, go back to the beginning and restart the process).
Now when you log in, you will occasionally be asked for a code from your authenticator app.
How to set up a security key
Here’s how to secure your Twitter account using a security key.
1. Get a security key
A hardware security key is a fantastic tool to help stop hackers in their tracks as it offers an additional layer of defense. Even if a hacker has your username and password, the security key will keep your account secure.
There are a lot of great security keys for you to choose from, with my favorite being the YubiKey 5C NFC.
2. Link your security key to your Twitter account
Start the process and you’ll be asked to add your security key to your account.
Click on Add key.
Next choose the key.
Instructions will now appear to guide you through the process.
When the key has been successfully read, you’ll be asked if you want to add it.
3. Name your security key
Finally you can name the key. If you have more than one, give it a name that makes sense to you so you know which one to use.
4. You’re done!
That’s it, you’re done.
What are those backup codes?
When you set up any two-factor authentication on your Twitter account, you’ll be given the option to set up a backup code. This is a one-time code that you can use if you don’t have access to your authentication app or security key.
If you want to set this up — and I recommend you do — click on Get Backup Code.
Keep this code safe — maybe in your password app or printed out and kept in your wallet or purse — in case you ever need it. You can generate further backup codes if needed.
READ MORE HERE