Twitter has expanded its two-factor authentication from accepting just SMS to third-party apps now.
Users will be able to install third-party apps for two-factor authentication to verify their accounts thereby paving way for millions of users who were not able to use SMS-based 2FA to proceed with better securing their accounts. You will now be able to use third-party authenticator app such as Google Authenticator, Duo Mobile, Authy or similar installed on your mobile device.
“You’ll now be able to use a third party app for two-factor authentication instead of SMS text messages,” Twitter said on Thursday. These third-party apps work independently and generate codes offline to help you use the two-factor authentication.
Twitter, however, said it will still rely on SMS as two-factor authentication but has now allowed third-party apps as an alternative. The micro-blogging site has given a step-by-step direction on how to use the third-party apps.
This is an important move because SMS-based two-factor authentication uses static codes and for users located in countries where SMS issues have been present, it is definitely a huge positive.
Static codes could be intercepted in the event a hacker or some other malicious third-party has access to one or more alternative ways of viewing messages on a device other than having physical access to it and hence app based dynamic 2FA is definitely a much more secure.
With third-party apps like Google Authenticator, the codes disappear in about 30 seconds, making it a more secure way to verify your identify and access your account.