Twitter added last year the option for users to log into its mobile app using a physical security key as a two-factor authentication method, but you had to have another authentication method enabled to use it. Now Twitter is improving this feature to let users add a security key without having another two-factor authentication method enabled in your account.
As shared by the Twitter Support account on Wednesday, security keys can now be the only two-factor authentication option in both mobile app and website. With this new feature, users can simply set up a physical security key without having to add text message or authentication code as a backup.
In a blog post, Twitter explains that this change is important since not every user can have or wants another two-factor authentication method besides the security key, such as someone who does not want to send their phone number to Twitter’s servers.
Today, we’re adding the option to use security keys as your sole 2FA method — meaning you can enroll one or more security keys as the only form of 2FA on your Twitter account without a backup 2FA method. We know this is important to people because not everyone is able to have a backup 2FA method or wants to share their phone number with us. With this update, we want everyone to feel empowered to enable security keys to better secure their Twitter account.
For those unfamiliar, physical security keys are small devices that store authentication codes for apps and websites. This way, no one can log into your accounts without having access to this physical key. Apple has added support for physical security keys with iOS 13.3, which works via the Lightning/USB-C connector or even NFC on compatible devices.
According to Twitter, the new feature is now being rolled out to users in its iOS and Android apps, as well as the Twitter website.