Twitter has added a new feature to its two-factor authentication, or rather removed something. That thing is the need for a phone number when doing two-factor authentication.
The social media platform confirmed the new feature via a tweet (of course) on its Safety account, noting that users can enroll for two-factor authentication (2FA) without the need for a phone number.
We're also making it easier to secure your account with Two-Factor Authentication. Starting today, you can enroll in 2FA without a phone number. https://t.co/AxVB4QWFA1
— Twitter Safety (@TwitterSafety) November 21, 2019
The reason why it has been dropped has to do with phone number facilitating the process has become a little dated, especially as Twitter has evolved to using apps and security keys in order to authenticate, meaning the need for an SMS no longer exists.
There is also the added element that SMS-based 2FA is often more vulnerable to hacks, with SIM-swapping a popular method employed by people wanting to get unauthorised access to your account.
“From our 2FA options, security keys stand out as one of the strongest due to their low friction and phishing resistant capabilities,” the firm explained in a blog post earlier this year.
“As of today, we are replacing this with the FIDO2 WebAuthn protocol which allows support for more browsers and authenticators while also retaining all of the phishing resistant capabilities security key-based 2FA provides,” it adds.
For those wanting greater security from the social media platform, this latest improvement will likely be more than welcome.
Whether it results in a decrease in users crying foul and saying their account has been “hacked” following some ill-timed tweets, remains to be seen.