Published On: Thu, Dec 3rd, 2020

Twitter now supports hardware confidence keys for iPhones and Android

Twitter pronounced Wednesday that accounts stable with a hardware confidence pivotal can now record in from their iPhone or Android device.

The amicable media hulk rolled out support for hardware confidence keys in 2018, permitting users to supplement a earthy confidence separator to their accounts in place of other two-factor authentication options, like a content summary or a formula generated from an app.

Security keys are tiny adequate to fit on a keyring though make certain kinds of comment hacks nearby unfit by requiring a user to block in a pivotal when they record in. That means hackers on a other side of a world can’t simply mangle into your account, even if they have your username and password.

But technical stipulations meant that accounts stable with confidence keys could usually record in from a computer, and not a mobile device.

Twitter solved that headache in partial by switching to a WebAuthn custom final year, that paved a approach for bringing hardware confidence pivotal support to some-more inclination and browsers.

Now anyone with a confidence pivotal set adult on their Twitter comment can use that same pivotal to record in from their mobile device, so prolonged as a pivotal is supported. (A ton of confidence keys exist currently that work opposite opposite devices, like YubiKeys and Google’s Titan key.)

Twitter — and other companies — have prolonged endorsed that high-profile accounts, like journalists, politicians and supervision officials, use confidence keys to forestall some of a some-more worldly attacks. Twitter explains how to set adult two-factor authentication (and confidence keys) here.

Earlier this year Twitter rolled out hardware confidence keys to a possess staff to forestall a repeat of a Jul cyberattack that saw hackers mangle into a company’s inner network and abuse an “admin” tool, that a hackers afterwards used to steal high-profile accounts to widespread a cryptocurrency scam.

In a arise of a attack, Twitter hired Rinki Sethi as a new arch information confidence officer, and famed hacker Peiter Zatko, famous as Mudge, as a company’s conduct of security.

Decrypted: Apple and Facebook’s remoteness feud, Twitter hires Mudge, puzzling zero-days

About the Author