Today, Twitter finally updated their Two-Factor Authentication (2FA) process.
In a tweet on one of their official Twitter accounts (@TwitterSafety), Twitter announced that users can finally disable SMS-based two-factor authentication. While most websites and applications have started moving towards software-based two-factor authentication, there are some that still rely on text message (SMS) based on two-factor authentication.
SMS based two-factor authentication has been proven not as secure, as even Twitter CEO Jack Dorsey's account was hacked because of a process known as SIM swapping.
In SIM swapping, attackers convince the carrier to switch the target's SIM card details into their own. This allows them to receive messages originally intended for the target. Using this process, they are able to gain access of SMS-based two-factor authentication codes alongside other messages.
With Twitter dropping SMS Two-factor authentication, you can now only use 2FA codes through third-party applications. If you need an additional level of security for your account, Twitter also allows you to add a hardware security key once you've set up a software authentication app.
Picking which two-factor authentication software to use
There's a multitude of two-factor authentication software out there, with most of them being free. Here's a shortlist of some two-factor authentication software we'd recommend
Google Authenticator
Probably the easiest and most friendly application on our list, Google Authenticator is available in both Android and iOS. Its interface is quite simple and allows those who are new to two-factor authentication to navigate the app easily.
1Password
If you want an extra level of security on your account, you can also use a password manager that'll generate almost uncrackable passwords for all the websites/applications that you use. 1Password is such an application. Not only does it generate passwords, but it can also serve as a two-factor authentication application.
LastPass
Like 1Password, LastPass is also a password manager. However, it also allows users to use one-tap notifications on their browsers. Instead of reading the two-factor authentication code whenever it is asked, users can just click on the button on their browser's extension, and it will automatically input the code for the user.
Authy
If you use multiple devices, then you'll want to use Authy. Two-factor authentication applications are given permission by respective websites and applications by scanning a QR code. If you own multiple devices, you'll have to scan the QR code for each of those devices. Authy saves all the QR codes in the cloud, allowing you to access them whichever device you may use. However, Authy doesn't save the password you use to log in to Authy itself. If you lose your Authy password, there's no way to recover it and you'll probably lose access to all other two-factor authentication websites you synced with it.
Setting up software two-factor authentication
Setting up two-factor authentication is relatively easy. Just follow these steps:
1) Go to the account section of your Twitter account. You can do so by clicking here if you're having a hard time navigating.
2) Next, select Security
3) Then, select Two-Factor Authentication.
4) Select Authentication App.
5) You'll then be given a QR code. Scan it with your preferred Two-Factor Authentication app.
SEE ALSO: Two-Factor Authentication For Facebook Will No Longer Require A Phone Number