14 DAY TRIAL // Twitter has made some significant improvements to its two-factor authentication system. In the wake of a series of hacks, the company unveiled its two-factor authentication back in May, a system that required users to provide an additional code besides the password, a code sent by SMS to their phone.
But that was just a first step and the company has now unveiled a new system that bypasses the need for an SMS and only relies on data generated on your phone.
"Today’s Twitter for iOS and Android updates let you enroll in login verification and approve login requests directly from your mobile app. Now, in addition to the SMS-based login verification that we released in May, you can use login verification without relying on text messages," Twitter explained.
With the new system, users are notified of login attempts on their phone. They get info such as browser used, location and so on, and can decide to either approve or deny the request.
If they approve the attempt, the browser where the request was made will be logged in and users will get access to the site.
The new method is much easier to use and it's also significantly more secure. Any compromise of the Twitter servers cannot be used to gain any data to bypass the authentication system.
But this means that, if you enable two-factor authentication, you will need your phone every time you want to log in. Luckily, for times when you don't have your phone with you, several backup codes are generated when you first enable the feature.
As long as you remember to store your backup codes safely, so you can still log in even if you lose your phone. The current SMS-based system is still available for those that don't want the Twitter app on their phones, or don't have a smartphone.