Twitter announced a major improvement regarding the security of its users. From now on, all those who are interested in the use of physical security keys will be able to use them to log in, both in the iOS and Android mobile applications. In this way, it will be much more complex for them to access your profile and misuse it. Here’s how you can use this new login method.
Twitter and the use of physical security keys
During the last months we have seen how some important user accounts were affected by security problems. It is true that there were cases where the problem was caused by internal tools that were used improperly, but in others it was simply mismanagement by the user.
That is why the company has been investing resources in improving key aspects of the platform’s security. Among all these changes, one of the most important has been the adoption of measures such as WebAuth, which has allowed them to add support for the use of physical security keys such as those from Google or the popular ones from Yubico.
In this way, along with more traditional double verification methods, security at the login was significantly increased. It even allowed many users to forget the option of sending 2FA codes through SMS messages. An option that due to techniques such as SIM Swapping are not completely safe, although they will always be much better than not having any of the double verification methods available active.
Protecting your account on all of your devices is important. We’ve updated two-factor authentication so you can now log in with your physical security key on Android and iOS, like on desktop. More on how to set up this added security for your account: https://t.co/c7hff75zQd
– Twitter Support (@TwitterSupport) December 2, 2020
What are physical security keys
Security keys are, in case you don’t know them yet, physical hardware devices that make use of the U2F two-step verification standard. Thanks to this, you do not require the sending of any type of code or generation through applications such as Google Authenticator, 1Password or similar. All you need is to have one.
There are different types of keys on the market:
- USB , with a USB type A or C offer the option of connecting them directly to the USB port of your device
- USB / NFC , in addition to the USB connection, they offer NFC connection to perform the verification just by bringing it closer to the device’s NFC reader
- USB / NFC / Bluetooth , Bluetooth connection is added here. They are the most complete model and if you do not have NFC and you do not want to be connecting to the USB port of the device, you only have to use the Bluetooth option so widespread among mobile devices especially
With all these options, it is easy for each user to choose the best physical security key according to their own needs and budget. Although the truth is that they are devices that are not expensive considering the advantages they offer at the security level.
How to use security keys on Twitter
The use of physical security keys when logging into Twitter through its official applications for iOS and Android does not differ from the process that must be carried out for browsers. However, it is important that you know that at this time it is possible that when you go to configure your application and Twitter account to start with one of these keys, you will see a message indicating that it is not available yet.
Being a recent announcement, the deployment of this functionality may take a while to arrive. However, check for possible updates available for your official Twitter application on iOS or Android. Once done, the moment it is activated, all you have to do is the following:
- Open the official Twitter application on your mobile device
- In the icon that gives access to the settings, click on Settings and privacy
- Now click on Account and then Security
- Click on Two-Factor Authentication
- From the three available security methods (text message, authentication application and security key) select the last of the options
- Depending on the type of key you are going to use, follow the instructions on the screen
- Once the process is finished, you will be ready to log in safely
From now on, when you want to log into Twitter on a mobile device, you can use your security key. A practice that is not essential, since the use of an app like Google Authenticator already represents a significant improvement. But if you are looking to exercise extreme caution, do not hesitate.