Skip to main content
  1. Home
  2. Computing
  3. News

Twitter no longer needs phone numbers for two-factor authentication

By

Twitter’s two-factor authentication system has received a long-requested boost in security, as the feature will no longer require the phone number of users.

Twitter rolled out its two-factor authentication system years ago. The feature, upon activation, requires account owners to type in a code sent to their associated phone number every time they attempt to sign in. It aims to provide an extra layer of security beyond account passwords, which have been prime targets for hackers.

Recommended Videos

The two-factor authentication system that Twitter implemented, however, still had several flaws, as it remained vulnerable to phishing attacks and SIM hijacking.

Related

It took a while, but Twitter has finally improved the security of its two-factor authentication system, as well as made it easier to activate, by dropping the requirement for users’ phone numbers.

https://twitter.com/TwitterSafety/status/1197621020229804054

When users attempt to activate two-factor authentication, they will now be able to choose between three options for the second factor in addition to their account password. The options are a text message, authenticator app, and security key.

Security keys are physical devices that are arguably the best way to block hackers, as the would-be hackers would need to get their hands on the key before they are able to break into an account. Authenticator apps, however, are also a solid option. They may be downloaded through Apple’s App Store and the Google Play Store, then paired with the Twitter account to enable two-factor authentication.

For Twitter users who already have two-factor authentication set up, deleting their phone numbers will make the “Safeguard your account” prompt appear. Some users have been warned by the website or app that removing their phone numbers would deactivate the security feature. These messages should go away soon as the changes continue to roll out.

Beyond wanting an additional layer of security, there may be another reason users want to move away from using phone numbers for two-factor authentication. Twitter revealed last month that some of the phone numbers and email addresses submitted by users may have been inadvertently used for advertising purposes.

To enable or update a Twitter account’s two-factor authentication, users simply need to enter the Settings menu and access the Security section under Account. Selecting the Login Verification option will present the three options for the system. After choosing to use either a security key or an authenticator app, users may then delete their phone numbers by moving back up to the Account menu, tapping their phone number, and hitting delete.

Editors’ Recommendations

Topics
Aaron Mamiit
Aaron Mamiit
Contributor
Aaron received an NES and a copy of Super Mario Bros. for Christmas when he was four years old, and he has been fascinated…
Your iPhone can now act as a physical Google security key
Google account security

A year after introducing it for Android phones, Google has today announced that iPhones can now function as physical two-factor security keys for logging into the company’s own services like Gmail in Chrome. This authentication method is a lot more secure than the two-factor prompt you’re likely used to, as it requires your iPhone to be physically in the computer’s proximity.

Two-factor authentication adds an extra layer of security to your accounts. However, SMS and internet-based two-factor processes have been in the past failed to prove as secure as one would hope for. Google’s solution for that takes advantage of your phone’s Bluetooth to turn it into a dedicated security key and ensures you’re physically authenticating the login.

Read more
A Twitter bug could use your phone number to expose personal information
twitter-app

Don’t upload your contacts to Twitter. If you do, or if you already have on your Android device, your phone number could be one of 17 million exposed on the app, a bug first reported by TechCrunch.

Security researcher Ibrahim Balic, who is based in London, told the site he was able to match records in seven different countries, including one of a senior Israeli politician and several other high-profile users. He did this when he discovered that when one uploads one’s contacts, the app would “fetch user data in return,” he told TechCrunch. It was then possible to match the phone numbers uploaded into the app with the Twitter records and figure out account usernames.

Read more
Hurry! The M4 MacBook Pro just got an unheard of discount
Someone using a MacBook Pro at a desk.

The 2024 MacBook Pro with M4 chip hasn't even been out for a month, but it already has its first major discount. Amazon just knocked $200 off the 14-inch configuration, dropping the price to $1,399 from $1,599. While a $200 discount on a MacBook isn't world-shattering, the fact that this laptop is so new makes this an unheard of deal. Let's dive into some other noteworthy aspects of this sale.

Why you should buy the MacBook Pro M4
This specific configuration of the M4 Pro has a 10-core CPU, 10-core GPU, 16GB of RAM and 512GB of SSD storage. The 16GB of RAM is particularly noteworthy, as it's the new standard for Apple. That makes this a better deal than some of the M3 models with 8GB of RAM. This model of course comes with Apple's signature Liquid Retina XDR display on its 14.2-inch screen, and it's ready for Apple Intelligence.

Read more