To better secure user accounts, Twitter announced it will soon be offering support for universal two-factor (U2F) as part of its effort to fight spam and malicious automation.
The new feature will help protect users from remote attacks because unlike text message codes which can be intercepted, U2F uses a physical device such as a two-factor keyfob which requires a user to push a button to authorize a login.
Anyone with the setting enabled will be able to use the new feature as long as the user's account is associated with a mobile number. Twitter will also require stricter authentication for new users as they will now be required to add some form of two step authentication, via email or with a mobile number, when creating a new account.
The new features help protect against fake phishing pages that try to steal users passwords since the associated key will also only work on genuine Twitter pages.
Existing accounts will also be subject to audit by the company “to ensure that every account created on Twitter has passed some simple, automatic security checks designed to prevent automated signups,” Twitter said in a June 26 blog post.
The announcement comes just a few weeks after a bug exposed users' plaintext passwords, prompting the company to ask its 330 million users to change their passwords.
The new security measures will also help to address bots that flood timelines with unwanted content and fake news as well as fight abuse, trolls, and spam.
Twitter is also looking to develop a new machine learning algorithm that will find malicious accounts before they are reported.
These changes enable Twitter users to have “access to credible, relevant, and high-quality information,” the company said.