How to use Twitter’s new two-factor authentication feature

Illustration by Jason Reed

Twitter now supports authenticator apps. Here’s how to enable the feature.

Protecting your online accounts with passwords is a big risk. And Twitter is no exception. Last year, a data breach gave hackers access to the credentials of millions of Twitter accounts, including that of Facebook CEO Mark Zuckerberg.

While there are many ways to protect your passwords from hackers, the most efficient measure by far is the use of two-factor authentication (2FA). 2FA implies combining something you know (your password) with something you have, such as a physical key or a mobile phone.

For a few years now, Twitter has been supporting SMS-based two-factor authentication, which isn’t very reliable. Now, the platform lets you harden the security of your account with authenticator apps such as Authy, LastPass Authenticator, and the Google Authenticator, which are easier to use and more secure than SMS.

For some unknown reason, the company decided not to make an announcement about the security upgrade. The feature was first sighted by the Android Police, which had heard about it from the developers.

Despite the bizarre circumstances of the rollout, it would be wise to turn it on if you value the security of your account. Here’s what you need to do.

How to turn on two-factor authentication for Twitter

1. If you haven’t done so already, link your Twitter account to your phone number.

2. Install an authenticator app such as Google Authenticator.

3. Login to Twitter and go to the Settings and Privacy page.

4. Scroll down to the Security section and click on “Setup a code generator app.”

Twitter two-step authentification Screengrab via Ben Dickson

5. Scan the QR code that appears with your authenticator app.

two-step authentication for Twitter Screengrab via Ben Dickson

If you see a six-digit code labeled Twitter appear in your authenticator app, you’re all set. You can now rest assured that hackers won’t be able to break into your account—unless they get access to your password and your unlocked phone at the same time.

Ben Dickson

Ben Dickson

Ben Dickson is a software engineer and founder of TechTalks. His work has been published by TechCrunch, VentureBeat, the Next Web, PC Magazine, Huffington Post, and Motherboard, among others.