Twitter announced on Monday that it is updating its two-factor authentication so that users can log in with their physical security key on Android and iOS. Users can currently use a security key to sign in to their Twitter account, but they need to have another 2FA method — like an authenticator app or SMS codes — enabled as backup. The update will allow accounts enabled with two-factor authentication to use security keys as the only authentication method.
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics
<p>witter is usually a forerunner in protecting its users’ accounts with multi-factor authentication (MFA), and physical security keys are a step forward in the process. Adding different options gives choice and confidence to the user.</p> <p> </p> <p>Using an authenticator app as a backup helps provide extra confidence but unfortunately the option of SMS MFA is still available which is largely more unsecure and can be intercepted; to properly secure accounts this function should be disabled.</p> <p> </p> <p>Social media platforms are often slow on forcing their userbase to take up extra layers of security through fear of them finding it too difficult or getting locked out. However, with the proper support this quickly makes all accounts far better protected.</p>