article featured image


Twitter announced in March that they will change the way users login into their Twitter account, by simplifying the 2FA Method. Now, an update from this week says that you can authenticate using the security keys as the only 2FA method, as the phone number or other factors are not required anymore.

What Is the 2FA Method (Two-Factor Authentication)?

As one can guess from its name, a 2FA method, explained as two-factor authentication is basically a two-step verification. Thus, users login into their accounts by providing two authentication factors: one can be a password or a passcode, the other can be a biometric factor (for example, facial scan or fingerprints) or a security token.

What Changes Made Twitter?

Now Twitter has announced that security keys serve as the only 2FA method. They disabled the other login methods in 2FA such as backup codes on SMS. This new option is available on both web and mobile applications.

Security keys are small devices that act like keys to your house. Just as you need a physical key to unlock the door to your home, you need a security key to unlock access to your account. Security keys offer the strongest protection for your Twitter account because they have built-in protections to ensure that even if a key is used on a phishing site, the information shared can’t be used to access your account.


Hackers can perform takeover attempts by stealing credentials, guessing them, or resetting passwords. With the new 2FA method, users use physical security keys and thus they are the only ones who can authenticate into the Twitter account and block malicious attacks.

This change came as a result of the fact that not all those who use Twitter have or want to have a backup 2FA method, provide their phone number to the company or make use of a third-party authentication application to login into their account.

How Do I Turn on My 2FA Method on My Twitter Account?

  • Go to the profile menu;
  • Find Settings and Privacy;
  • If you are on a desktop, go to Security and Access Account;
  • If you are on iOS go to Accounts–> Security;
  • All you have to do is to enable the 2FA method from there.

Security Keys: the Safest Way Against Cyberattacks Using 2FA Method

Security Keys are not exactly new in the Twitter policy. They were firstly provided for the web in 2018 and support for mobile applications was also provided by Twitter in 2020, BleepingComputer reports. The difference between then and now is that in the past security keys were one of the various authentication steps in the 2FA method, now it is the only method a user needs to authenticate using 2FA.

Additionally, Twitter updated the security key support to meet the WebAuthn standard. The WebAuthn is an Application Programming Interface (API) that basically stands for credential management which allows users to use a single authenticator to securely authenticate without the need for a password.

Security keys are the best current ways to secure your account, Twitter added:

While any form of 2FA is better than no 2FA, physical security keys are the most effective.


Author Profile

Andra Andrioaie

Security Enthusiast

linkedin icon

Hi! My name is Andra and I am a passionate writer interested in a variety of topics. I am curious about the cybersecurity world and what I want to achieve through what I write is to keep you curious too!

Leave a Reply

Your email address will not be published. Required fields are marked *