Twitter will soon let you use a security key as your only 2FA method. The company also said it will allow multiple security keys per account instead of just one.
Twitter is planning a future update that will allow accounts enabled with two-factor authentication to use security keys as the only authentication method, the company said on Monday.
Moreover, you can use a security key to sign in to your Twitter account. However, but you need to have another 2FA method - like an authenticator app or SMS codes - enabled as backup.
While authentication apps like Google Authenticator or Authy are more secure than using SMS codes for 2FA. Security keys - physical keys that connect to your computer using USB or Bluetooth - are the most secure way to protect an account online. Users don't have to type in a code that could be intercepted by a malicious third party.
You connect the key, your browser issues a challenge, then the key cryptographically signs the challenge and verifies your identity. Another benefit of using a security key: users don't have to give Twitter any additional personal information, such as a telephone number, to be able to log in to their accounts.
Twitter also said Monday it will allow multiple security keys on a single account; until today, it only allowed one key per account, in addition to the other 2FA methods. In December, Twitter announced it was adding support for security keys for 2FA-enabled accounts when users log in to its mobile apps.
A Twitter spokesperson said Monday there wasn't a timeline for when security key-only 2FA would take effect.
How to send the free notification read here