Great news YubiFans! As of today, Twitter made it a lot easier for you to tweet safely and keep your accounts secure. Phishing-resistant YubiKey authentication via WebAuthn is now supported on Twitter’s desktop, Android and iOS mobile applications.
With native WebAuthn support throughout the Twitter platform, you can register and use a USB-, NFC-, or Lightning-compatible security key, like the YubiKey, directly from your mobile phone to secure your account.
Adding a YubiKey as your primary authenticator introduces the highest level of security and convenience to your Twitter accounts, regardless of device and platform. Once a YubiKey is registered, you will be asked to either touch or tap your key to verify that it is you accessing your account.
Once authenticated, you may also have the option to make your device a trusted one by selecting “remember this device”, so your app login experience will be as simple as opening the Twitter app before tweeting away. You will only be prompted to use your YubiKey again when you log in to Twitter from a new device, which will only require a simple touch.
To take advantage of these new features on your account, check out our latest video:
“Helping people keep their Twitter accounts secure by providing them the tools and controls they need is a top priority for us. We have been consistently improving the way people can add two-factor authentication (2FA) to their Twitter accounts over the past year and are glad to be expanding our support to enable people to use physical security keys to login to the Twitter app on mobile. We encourage everyone to enable 2FA on Twitter to help protect their account,” said Sri Harsha Somanchi, Senior Product Manager, Twitter.
Want to use a mobile device as a back-up? Set up a second YubiKey with your Twitter account using Yubico Authenticator, our time-based one-time password (OTP) app for desktop, Android, and iOS. We highly recommend disabling SMS after a security key and authenticator app are enabled to ensure maximum security.
The Yubico Authenticator works like other time-based OTP apps with one major difference—instead of your credentials residing on your phone, they stay secured on your YubiKey and stay with you.
Getting a new phone or laptop over the holidays? Not a problem. Yubico Authenticator eliminates the frustration of manually re-enrolling services with your authenticator app when you use a new device. All you need to do is plug in or tap your YubiKey while using Yubico Authenticator to generate your codes.