This past weekend, there was a frenzy of worry when Twitter started sending notifications to its users about removing SMS two-factor authentication(2FA) from their accounts. The new policy will only let Twitter Blue subscribers keep text-based 2FA and urge non-paying subscribers to switch to app-based 2FA.
This new policy is Elon Musk’s way to want people to join Twitter’s subscription service but to be fair app-based 2FA is the best option when it comes to strengthening the privacy and security of your account.
Yes, I hate it too when an annoying person makes a valid point.
2FA fortifies passwords with a second piece of information which involves a one-time passcode being sent at the time of login.
There have been a lot of data breaches and password leaks in recent years and it has become imperative to secure your various online accounts and ensure your personal data remains private. 2FA is now the trend to protect yourself in case your passwords get compromised.
The logical step is setting up either:
• SMS-based 2FA where you give platforms your phone number so they can send you text that contains the One Time Password or
• TOTP-based 2FA (Time-based One-Time Password algorithm) where you’re asked to scan a QR image using a specific smartphone application such as Authy or Google Authenticator app. These apps continuously generate the One Time Password for you.
Text-based 2FA is the most simple and can be adopted by most users. However, it it’s not the safest as the codes can be intercepted especially if your sim card has been swapped.
Authentication apps are the true authentication as the TOTP method creates a one-time password on the user side instead of the server side through the app.
Here are the most recommended authenticator apps:
Microsoft Authenticator – it’s a free 2FA app that will link to your online accounts with a QR code scan
Google Authenticator – this is the best and easiest one to use
Authy – This is an alternative to the Google Authenticator app but with more added features such as multiple device support for those who frequently change devices via a cloud backup.
Most sites will suggest the Google Authenticator app for 2FA but you can easily substitute that for Authy.
The desktop, Android and iOS apps let you search for tokens by name, display tokens as a list or grid view, greater device information so you can view and remove unused apps. You also get push authentication support for websites that have implemented it.
It’s best to install the app on your phone and desktop or another device so that when the tokens are synched to the Authy Cloud, they automatically sync. This is so that when an attempt to install another instance of Authy, you get notified via the other app as Authy checks the new device against an existing device they already trust.
Once this is done, go ahead and turn off the app’s multi-device feature so that no additional apps are installed.
How to Add App-Based 2FA to Your Twitter Account
Open Twitter, head to Settings and Privacy, tap on Security and Account Access and then tap on Security. You’ll see the Two-Factor Authentication option and tapping on it will take you to the various options and you’ll see something like this.
Disable the toggle with the text message option if you had it enabled. Tap on the Authentication app option to enable it. There’s an option to add a security key.
I use Authy which a lot of cybersecurity experts highly recommend. Don’t get Google Authenticator as it doesn’t allow encrypted cloud backup.
Download the Authy app on either the Apple App Store or Google Play Store. You’ll set up with your email and phone number. Authy will send a code – in my case, I used voice call verification. The app has had a hard time texting a Kenyan number(it’s set up differently from like a US number). You can opt for a WhatsApp text also.
You’ll set up a backup password which you should remember as Authy can’t recover when you forgot it as it’s not stored on their servers. Authy supports multi-device sync which means you can get login codes if you’ve set up the app on another phone or if you downloaded its desktop version.
Once this is done, go ahead and turn off the app’s multi-device feature so that no additional apps are installed.
Once you’re logged in, you can add various accounts as you please.
Now go back to Twitter, head to Settings and Privacy, tap on Security and Account Access and then tap on Security. When you’re in the Two-Factor Authentication setting, tap and enable the Authentication App option. You’ll be asked to enter your password and then get a prompt to add an authentication app. The next step will be to link the app to your Twitter account.
Authy will add your account and generate a six-code which you can copy and paste on Twitter once you go back. And now you’re setup
Simply head to your Instagram profile and tap the settings button. Then scroll down to Security and tap Two-Factor Authentication and enable this feature for the Authentication app option.
If you have the authentication apps listed above, Instagram will automatically find the app and send a login code to it. You’ll have to get the code and enter it. Once that is done, two-factor authentication will turn on automatically.
Make sure you review apps that use your Instagram account to log in to their platforms. If you longer use those apps or services, revoke their access.
Head to your Instagram profile, go to Security settings and tap on Apps and Websites or just click here. If you see anything shady or apps you’ve stopped using, easily click revoke third-party app access by clicking the Revoke Access button.
Simply head to Settings and then scroll down to Security and Login and tap Two-Factor Authentication and enable this feature.
Other interesting apps include 1Password(paid) which offers a 2FA authenticator feature included and 2FAS which is an open-source authenticator app. The latter has interesting features which Authy doesn’t have like export options, private cloud backup, iCloud and Google Drive sync support and more importantly, it is free and open-source software.
Elon Musk Keeps Breaking Twitter in Desperate Chase for Revenue
Articles in This Stream
- Stay Secure and Protect Your Privacy on TikTok in 2023 With These Tips
- Instagram: Tips To Protect Your Privacy and Help You Stay Secure in 2023
- How To Protect Your Privacy and Stay Secure on Facebook in 2023
- Twitter: Tips To Protect Your Privacy and Help You Stay Secure in 2023
- Protect Your Privacy on Signal With These Tips
- Protect Your Privacy and Stay Secure on WhatsApp in 2023 With These Tips