After adding support for physical security keys to mobile devices back in December, providing more security options in its apps, Twitter has today added support for multiple security keys, which will mean that anyone on Twitter can have more than one security key linked to their account, and use them for 2FA login support on any device.
Physical security keys enable users to add additional account security through the use of devices like mobile phones and TouchID, adding an extra layer to your account access process.
With this new addition, users will now have more options for enabling that extra level of access, which broaden the usage potential of the process.
As per Twitter:
“This additional step helps make sure that you, and only you, can access your account. Security keys are the most phishing-resistant form of 2FA.”
Twitter says that these new security additions will specifically benefit people who don’t want to share their phone number for 2FA, but still want to add an additional layer of security to their account. That extra process can also provide more assurance for individuals and organizations who are particularly at risk of targeted cyber attacks, including celebrities, politicians, and elected officials.
The new options will also make it easier to maximize security for accounts managed by multiple people.
Account security came into sharp focus for Twitter last July, when several high-profile user accounts were hacked and used to promote a crypto scam.
The actual hack process, in that instance, utilized social engineering – the hackers tricked Twitter employees into giving them access to a control console, which then enabled them to access any account they wanted.
As such, two-factor authentication and/or security keys wouldn’t have mattered – but even so, the incident served as a powerful reminder of the need to vigilance in your account security, and the potential damage than can be caused by hackers getting access to your credentials.
In addition to this, Twitter’s also looking to provide the capacity to add and use security keys as your only authentication method, without any other methods turned on.
Account security is an increasing concern, especially given the way Twitter is now being used by politicians to communicate with constituents. As such, these new updates are another beneficial consideration.
