Two-factor authentication is one of the most important security measures you can take to lock down your online accounts. This is typically handled by SMS, in which a code is sent to your phone and used to log in. By requiring an extra step during the log-in process in which you would need physical access to something like your phone, it’s a great way to ensure that it’s actually you logging into your account — and not some hacker in Russia.
The problem with 2FA via SMS is that it uses static codes. These codes could potentially be viewed by a hacker or someone who may have gained access to a device and can read messages sent to it. To give their users another way to secure their accounts, Twitter announced that they’re now supporting third-party apps for two-factor authentication with the option to disable SMS completely.
Apps like Google Authenticator, Duo Mobile, Authy, or other similar apps can all be used, and typically work by generating quick, one-time-use codes that disappear after 30 seconds. You’ll still need your phone to set up 2FA, but now you can delete it after using a third-party app for authentication. If you’re looking to set up this new method of two-factor authentication, Twitter has posted full step-by-step directions on their help page here.
via Twitter