Twitter will no longer require users' phone numbers to enable two factor authentication (2FA) on their accounts, Twitter Safety tweeted. While it hasn’t completely done away with mobile number 2FA, it is no longer mandatory to give the platform your phone number. Users can now enable 2FA using an authentication app, or a physical security key, without necessarily having to provide Twitter with their phone number. What’s new? The first option is to use an authenticator app which generates a random string of six-digit OTP. Some such apps are Google Authenticator, Authy and YubiKey. If you select this option, you will have to link your Twitter account with a compatible authentication app. We tested this by using Google Authenticator and Authy, and it worked well. However, Authy required us to put in our mobile number to create an account. [caption id="attachment_207777" align="aligncenter" width="473"] Using Google Authenticator to enable 2FA on Twitter[/caption] The other option is to use a physical security key, and while this might be the most secure 2FA method, there is one caveat. Security keys currently, aren’t supported outside of Twitter on the web, so if a user is accessing Twitter via a mobile app, it will still ask him/her to have another 2FA method enabled as a backup, explained a Twitter engineer, after some users complained that they still had to provide their mobile number if they wanted to enable 2FA using a security key. [caption id="attachment_207774" align="aligncenter" width="473"] Security key to enable 2FA can only be used…
