How to enable two-factor authentication for Twitter

Not a week passes without a press report that some Twitter accounts have been hacked (as in used without authorization).

Twitter tried to raise awareness about creating secure passwords and to educate users not to fall for classic social engineering techniques. But with over 200 million users, it is close to impossible to educate everybody.

This is why Twitter started rolling out two-factor authentication a few weeks ago.

Unfortunately, at the time of writing, this feature is not yet available in Germany, so I can’t test it myself.

However, here are the easy steps to enable two-factor authentication for Twitter:

- Visit your account settings page.

- Select “Require a verification code when I sign in.”

If your country is not supported, you will not be able to enable that checkbox.
- Click on the link to “add a phone” and follow the prompts that allow you to select your carrier.

For Germany, all major carriers are listed, but unfortunately none of them is supported.

- After you enroll in login verification, you’ll be asked to enter the six-digit code that was sent to your phone via SMS each time you sign in to twitter.com.

Here is a video that shows how to enable it.

What is not clear yet is whether it is possible to mark a computer as trusted so that you don’t have to enter the authentication code every time you log in on the same computer. Currently, it seems that you have to enter the authentication code at every login, even on the same computer.

Here are some other tips from Twitter about how to protect your account better. Do note that all these tips can be applied to other accounts as well, not only to Twitter.

See the entire series on enabling two-factor authentication here.

If you want to improve your overall security, check our Improve Your Security series.

Sorin Mustaca

IT Security Expert