'ZDNET Recommends': What exactly does it mean?
ZDNET's recommendations are based on many hours of testing, research, and comparison shopping. We gather data from the best available sources, including vendor and retailer listings as well as other relevant and independent reviews sites. And we pore over customer reviews to find out what matters to real people who already own and use the products and services we’re assessing.
When you click through from our site to a retailer and buy a product or service, we may earn affiliate commissions. This helps support our work, but does not affect what we cover or how, and it does not affect the price you pay. Neither ZDNET nor the author are compensated for these independent reviews. Indeed, we follow strict guidelines that ensure our editorial content is never influenced by advertisers.
ZDNET's editorial team writes on behalf of you, our reader. Our goal is to deliver the most accurate information and the most knowledgeable advice possible in order to help you make smarter buying decisions on tech gear and a wide array of products and services. Our editors thoroughly review and fact-check every article to ensure that our content meets the highest standards. If we have made an error or published misleading information, we will correct or clarify the article. If you see inaccuracies in our content, please report the mistake via this form.
Twitter will soon be removing the option for text message two-factor authentication to all but those subscribed to Twitter Blue. But fear not, there are other ways to secure your account.
Also: Why is Twitter turning millions of accounts into defenseless targets?
There are two alternative options available to you, and both of them offer better security than SMS-based two-factor authentication:
These security options are a bit buried in the user interface, but can be accessed by going to Settings and Support then Setting and privacy, followed by Security and account access, then Security, and finally Two-factor authentication.
Also: How to use Microsoft Authenticator as your password manager
Note: These instructions are the same whether you are using a web browser, or the app for iOS, Android, Windows, or Mac.
This is the screen you are looking for:
Let's take a look at how to set up each of these options.
Here's how to secure your twitter account using an authentication app.
You'll need an authentication app first.
There are loads, from the ubiquitous Google Authenticator and Microsoft's authenticator app. For Android there's Aegis. There's also a cross-platform app called Authy, and then there's those built into password managers such as Bitwarden.
All the apps listed above are free.
There are a lot to choose from. If you're already using one, you're good to go, otherwise you need to download and install one for use.
Start the process and you'll be asked to scan in a QR code.
If you can't scan in the code, you can enter a text code into your authenticator app which does the same as the QR code.
To make sure that you've correctly added your Twitter account into your authenticator app, Twitter will ask you to enter a confirmation code that your authenticator app spits out.
If the confirmation code is correct, you're done (if not, try a new code, and if that doesn't work, go back to the beginning and restart the process).
Now when you log in, you will occasionally be asked for a code from your authenticator app.
Here's how to secure your Twitter account using a security key.
A hardware security key is a fantastic tool to help stop hackers in their tracks as it offers an additional layer of defense. Even if a hacker has your username and password, the security key will keep your account secure.
There are a lot of great security keys for you to choose from, with my favorite being the YubiKey 5C NFC.
Start the process and you'll be asked to add your security key to your account.
Click on Add key.
Next choose the key.
Instructions will now appear to guide you through the process.
When the key has been successfully read, you'll be asked if you want to add it.
Finally you can name the key. If you have more than one, give it a name that makes sense to you so you know which one to use.
That's it, you're done.
When you set up any two-factor authentication on your Twitter account, you'll be given the option to set up a backup code. This is a one-time code that you can use if you don't have access to your authentication app or security key.
If you want to set this up -- and I recommend you do -- click on Get Backup Code.
Keep this code safe -- maybe in your password app or printed out and kept in your wallet or purse -- in case you ever need it. You can generate further backup codes if needed.