Twitter adds support for login verification with USB security key

Twitter has some good news for users looking to improve the security of their account: the company has begun rolling out the “login verification with a security key” option.

Twitter announced on Tuesday several new measures to fight abuse, trolls, and spam on the social network and, within that announcement, it offered advice on how to protect one’s account (enable two-factor authentication, regularly review any third-party applications, don’t re-use your passwords across multiple platforms or websites).

It then also added: “You can also use a FIDO Universal 2nd Factor (U2F) security key for login verification when signing into Twitter.”

Using a security key for login verification

This added security measure can be set up via from the account “Settings and privacy” – instructions on how to do so are provided here.

Users can use a Yubikey or a similar USB security key.

A physical key for login verification can come in handy when users don’t have their phone with them or suspect it to have ben compromised.

It can also prevent users from falling victim to phishing attacks: the key will work only on the legitimate Twitter login page.

New accounts have to be confirmed

Among the changes Twitter announced on Tuesday is also one that will hopefully make it a little bit harder to register spam accounts: new users will be required to confirm either an email address or phone number when they sign up to Twitter.

“This is an important change to defend against people who try to take advantage of our openness,” Twitter’s Yoel Roth and Del Harvey (VP of Trust and Safety) explained.

“We will be working closely with our Trust & Safety Council and other expert NGOs to ensure this change does not hurt someone in a high-risk environment where anonymity is important. Look for this to roll out later this year.”