Twitter now lets you secure your account using just a security key

By Anthony Spadafora
published

No other form of two-factor authentication needed

Twitter dark mode
(Image credit: Shutterstock)

Keeping your Twitter (opens in new tab) account secure is about to get a whole lot easier as the social network has announced that users now have the option to use a security key (opens in new tab) as their only form of two-factor authentication (2FA (opens in new tab)).

While any form of 2FA can help further secure your online accounts, physical security keys are the most effective way to do so. This is because security keys offer built-in protections to ensure that even if they are used on a phishing site, the information stored on them can't be used to access your accounts.

At the same time, security keys also transfer the burden of protecting against phishing attempts from a human to a hardware device. They can even differentiate between legitimate sites and malicious ones while blocking phishing attempts that SMS verification codes (opens in new tab) would be unable to.

Committed to security

Twitter has been a vocal proponent of using some form of 2FA to secure one's online accounts for some time now. For instance, back in 2018 the social network added the option to use security keys as one of several 2FA options though this initial support only worked on the company's website and not its mobile app while requiring accounts to also have another form of 2FA enabled.

The following year Twitter upgraded its security key support to use the latest WebAuthn (opens in new tab) standard and enabled the ability to use 2FA without requiring a phone number. This was an important upgrade as it allowed users to protect their accounts from SIM-swapping attacks (opens in new tab).

Last year the company added security key support on both iOS and Android (opens in new tab) in addition to on the web and this year it added the ability to register multiple security keys to a Twitter account (opens in new tab) so that users could have backups in case of emergencies.

Now though, Twitter users will be able to use security keys as their sole 2FA method without requiring a backup method.

Anthony Spadafora
Anthony Spadafora

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home. 

See more Computing news