BOOK THIS SPACE FOR AD
ARTICLE ADTwitter will soon be removing the option for text message two-factor authentication to all but those subscribed to Twitter Blue. But fear not, there are other ways to secure your account.
Also: Why is Twitter turning millions of accounts into defenseless targets?
There are two alternative options available to you, and both of them offer better security than SMS-based two-factor authentication:
Authentication appSecurity keyThese security options are a bit buried in the user interface, but can be accessed by going to Settings and Support then Setting and privacy, followed by Security and account access, then Security, and finally Two-factor authentication.
Also: How to use Microsoft Authenticator as your password manager
Note: These instructions are the same whether you are using a web browser, or the app for iOS, Android, Windows, or Mac.
This is the screen you are looking for:
Twitter's two-factor authentication setup screen
Let's take a look at how to set up each of these options.
How to set up an authentication app
Here's how to secure your twitter account using an authentication app.
You'll need an authentication app first.
There are loads, from the ubiquitous Google Authenticator and Microsoft's authenticator app. For Android there's Aegis. There's also a cross-platform app called Authy, and then there's those built into password managers such as Bitwarden.
All the apps listed above are free.
There are a lot to choose from. If you're already using one, you're good to go, otherwise you need to download and install one for use.
Start the process and you'll be asked to scan in a QR code.
Scan the QR code to add your Twitter account to your authenticator app
If you can't scan in the code, you can enter a text code into your authenticator app which does the same as the QR code.
The text code works when you can't scan in the QR code
To make sure that you've correctly added your Twitter account into your authenticator app, Twitter will ask you to enter a confirmation code that your authenticator app spits out.
Enter a confirmation code to make sure everything is working properly
If the confirmation code is correct, you're done (if not, try a new code, and if that doesn't work, go back to the beginning and restart the process).
You successfully added your Twitter account to your authenticator app
Now when you log in, you will occasionally be asked for a code from your authenticator app.
How to set up a security key
Here's how to secure your Twitter account using a security key.
1. Get a security key
A hardware security key is a fantastic tool to help stop hackers in their tracks as it offers an additional layer of defense. Even if a hacker has your username and password, the security key will keep your account secure.
There are a lot of great security keys for you to choose from, with my favorite being the YubiKey 5C NFC.
YubiKey 5C NFC
2. Link your security key to your Twitter account
Start the process and you'll be asked to add your security key to your account.
Click on Add key.
Start the process of adding your security key to your Twitter account
Next choose the key.
Selecting the security key
Instructions will now appear to guide you through the process.
Setting up the security key
When the key has been successfully read, you'll be asked if you want to add it.
Key has been successfully read
3. Name your security key
Finally you can name the key. If you have more than one, give it a name that makes sense to you so you know which one to use.
Naming the security key
4. You're done!
That's it, you're done.
Security key successfully added
What are those backup codes?
When you set up any two-factor authentication on your Twitter account, you'll be given the option to set up a backup code. This is a one-time code that you can use if you don't have access to your authentication app or security key.
Backup code
If you want to set this up -- and I recommend you do -- click on Get Backup Code.
Keep your backup code safe in case you need it
Keep this code safe -- maybe in your password app or printed out and kept in your wallet or purse -- in case you ever need it. You can generate further backup codes if needed.