Application security, Network Security, Security Strategy, Plan, Budget

Twitter allows third party apps to be used in 2FA

Twitter recently announced the ability to use third-party apps for its two-factor authentication instead of only the option of using SMS messages.

Previously, the social media service required users to be capable of receiving SMS verification codes via their mobile devices or through its own smartphone app in order for users to verify their logins.

Twitter will now allow users to request verification codes through services such as Google Authenticator, Authy, or 1Password, according to its updates made to its help center that were tweeted Dec. 20. Twitter included instructions walking users through setting up the process of requesting verification codes through these services.

SMS verification has been frowned upon in the security community with NIST (the National Institute of Standards and Technology) last year announcing it was no longer recommending two-factor authentication via SMS due to the possibility of it being exploited via known weaknesses in the SS7 cellphone network which could allow the intercepting of text messages.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.