Twitter is arranging a future update that will permit accounts empowered with two-factor authentication to use security keys as the only authentication method, the organization said on Monday.
As of now, you can utilize a security key to sign in to your Twitter account, yet you need to have another 2FA strategy — like an authenticator application or SMS codes — enabled as backup.
While confirmation applications like Google Authenticator or Authy are safer than utilizing SMS codes for 2FA, security keys — physical keys that associate with your computer using USB or Bluetooth — are the most secure approach to ensure an account online. Clients don’t need to type in a code that could be intercepted by a malicious third party.
You associate the key, your browser gives a challenge, at that point the key cryptographically signs the challenge and verifies your identity. Another advantage of utilizing a security key: clients don’t need to give Twitter any extra personal information, for example, a phone number, to have the option to sign in to their accounts.
Twitter likewise said Monday it will permit various security keys on a single account; until the present time, it just permitted one key for every account, notwithstanding the other 2FA strategies.
In December, Twitter declared it was adding support for security keys for 2FA-enabled accounts when clients sign in to its mobile applications.
A Twitter representative said Monday there wasn’t a timetable for when security key-only 2FA would produce results.