One way for Twitter users to protect themselves from a potential hack is through two-factor authentication. While the feature itself is nothing new, the social media service recently added the ability for users to log in on their mobile devices with a physical security key. For those new to two-factor authentication, here's what it is and does, as well as the options now available to Twitter users.
Twitter has been the subject of many hacks over the years, with user accounts and personal data being accessed. This past summer, for example, 130 of its high-profile accounts, from Kanye West and Kim Kardashian to Joe Biden, were taken over by hackers to hype a Bitcoin scam. Due to this, Twitter has been looking at ways to increase account security, and two-factor authentication is one option that can help stop a similar situation happening to an individual user's account.
Two-factor authentication means that, in addition to using a password to log into an account, users need to confirm their identity for a second time. In the case of Twitter, this means users have to either use a code, a login confirmation via an app, or a security key - the latter of which was previously only available via a computer. Setting it up on both Twitter's Android and iOS apps is rather simple. First, tap on the profile icon or navigation menu icon from within the app to access the side menu and then choose the Settings and privacy option. In the next menu, choose Account under the username and then Security in the following menu. On the Security page, the Two-factor authentication option can be selected with three methods to choose from.
Choosing the text message method on this screen will launch a page of instructions. Tap Next and then enter the password to verify the selection. If a phone number has not been associated with the account, one will need to be entered. An SMS message will then be sent to the phone with a six-digit authentication code. Once, that code is entered, the setup is confirmed and a backup code will be provided as well. Twitter recommends users take a screenshot of the backup code (or write it down somewhere) as it allows users who have, say, lost their phones to still log into their accounts. Tap on Got it and the feature is set up. From that point on, a similar authentication code will be sent by SMS for every subsequent login to Twitter.
The authentication app method is similar, but instead of a code being sent by text, it is generated by a compatible app that is linked to Twitter. This can be any time-based one-time password (TOTP) app, such as Google Authenticator, Duo Mobile or Authy. On the instructions screen, tap Start. The user will then be asked to link the TOTP app to the Twitter account by scanning the QR code and tapping Next after doing so. On the following screen, enter the authentication code provided by the TOTP app and tap Verify to reach the confirmation page. Tap Got it and the setup is done.
The third method is to set two-factor authentication via a security key. This option requires a physical security key to be plugged in and is the newest option for mobile users. While the feature can be turned off via the Android or iOS app, it still needs to be set up on a computer using a compatible browser. The key needs to be plugged into the PC or Mac's USB port, although the setup is basically the same beyond that. The user chooses Security key and follows the on-screen instructions. Once two-factor authentication is set, a temporary password is needed for anyone wanting to log in to Twitter on other devices or through third-party apps. This can be activated in the Additional features section of the Two-factor authentication screen. These passwords, which expire after an hour, are sent via SMS when the user tries to use the Twitter account this way. Alternatively, the Twitter user can choose to generate their own temporary password via a linked TOTP app.
Source: Twitter
from ScreenRant - Feed https://ift.tt/33EVpuY
0 Comments