'ZDNET Recommends': What exactly does it mean?
ZDNET's recommendations are based on many hours of testing, research, and comparison shopping. We gather data from the best available sources, including vendor and retailer listings as well as other relevant and independent reviews sites. And we pore over customer reviews to find out what matters to real people who already own and use the products and services we’re assessing.
When you click through from our site to a retailer and buy a product or service, we may earn affiliate commissions. This helps support our work, but does not affect what we cover or how, and it does not affect the price you pay. Neither ZDNET nor the author are compensated for these independent reviews. Indeed, we follow strict guidelines that ensure our editorial content is never influenced by advertisers.
ZDNET's editorial team writes on behalf of you, our reader. Our goal is to deliver the most accurate information and the most knowledgeable advice possible in order to help you make smarter buying decisions on tech gear and a wide array of products and services. Our editors thoroughly review and fact-check every article to ensure that our content meets the highest standards. If we have made an error or published misleading information, we will correct or clarify the article. If you see inaccuracies in our content, please report the mistake via this form.
Losing text 2FA on Twitter? Here's how to keep your account secure
Twitter will soon be removing the option for text message two-factor authentication to all but those subscribed to Twitter Blue. But fear not, there are other ways to secure your account.
Also: Why is Twitter turning millions of accounts into defenseless targets?
There are two alternative options available to you, and both of them offer better security than SMS-based two-factor authentication:
- Authentication app
- Security key
These security options are a bit buried in the user interface, but can be accessed by going to Settings and Support then Setting and privacy, followed by Security and account access, then Security, and finally Two-factor authentication.
Also: How to use Microsoft Authenticator as your password manager
Note: These instructions are the same whether you are using a web browser, or the app for iOS, Android, Windows, or Mac.
This is the screen you are looking for:
Twitter's two-factor authentication setup screen
Let's take a look at how to set up each of these options.
How to set up an authentication app
Here's how to secure your twitter account using an authentication app.
1. Get yourself an authentication app
You'll need an authentication app first.
There are loads, from the ubiquitous Google Authenticator and Microsoft's authenticator app. For Android there's Aegis. There's also a cross-platform app called Authy, and then there's those built into password managers such as Bitwarden.
All the apps listed above are free.
There are a lot to choose from. If you're already using one, you're good to go, otherwise you need to download and install one for use.
2. Link your Twitter account to your authenticator app
Start the process and you'll be asked to scan in a QR code.
Scan the QR code to add your Twitter account to your authenticator app
If you can't scan in the code, you can enter a text code into your authenticator app which does the same as the QR code.
The text code works when you can't scan in the QR code
3. Confirm everything is working
To make sure that you've correctly added your Twitter account into your authenticator app, Twitter will ask you to enter a confirmation code that your authenticator app spits out.
Enter a confirmation code to make sure everything is working properly
4. You're done!
If the confirmation code is correct, you're done (if not, try a new code, and if that doesn't work, go back to the beginning and restart the process).
You successfully added your Twitter account to your authenticator app
Now when you log in, you will occasionally be asked for a code from your authenticator app.
How to set up a security key
Here's how to secure your Twitter account using a security key.
1. Get a security key
A hardware security key is a fantastic tool to help stop hackers in their tracks as it offers an additional layer of defense. Even if a hacker has your username and password, the security key will keep your account secure.
There are a lot of great security keys for you to choose from, with my favorite being the YubiKey 5C NFC.
YubiKey 5C NFC
2. Link your security key to your Twitter account
Start the process and you'll be asked to add your security key to your account.
Click on Add key.
Start the process of adding your security key to your Twitter account
Next choose the key.
Selecting the security key
Instructions will now appear to guide you through the process.
Setting up the security key
When the key has been successfully read, you'll be asked if you want to add it.
Key has been successfully read
3. Name your security key
Finally you can name the key. If you have more than one, give it a name that makes sense to you so you know which one to use.
Naming the security key
4. You're done!
That's it, you're done.
Security key successfully added
What are those backup codes?
When you set up any two-factor authentication on your Twitter account, you'll be given the option to set up a backup code. This is a one-time code that you can use if you don't have access to your authentication app or security key.
Backup code
If you want to set this up -- and I recommend you do -- click on Get Backup Code.
Keep your backup code safe in case you need it
Keep this code safe -- maybe in your password app or printed out and kept in your wallet or purse -- in case you ever need it. You can generate further backup codes if needed.