Twitter today released an update to its Android and iOS mobile apps. Included in the update was the option to bypass the SMS two-step verification method originally launched back in May.
Now users have the option to approve log-in requests more directly via their mobile device, instead of relying on a text message containing a short code.
After updating you'll need to launch the app and head to the Settings page. On iOS, you can tap on the "Me" tab along the bottom, then the gear icon and select "Settings" followed by tapping on your account name. Android users will need to tap on the menu button in the top-right corner of the app, followed by Settings and finally your account name.
Once you've arrived to the correct screen you'll find a Security item in the list; tap on it. Select it and check the box next to "Login verification."
You'll be prompted to confirm that you want to enable the feature, and will be reminded to store the backup code in a safe place. I suggest taking a screenshot of it and storing it in Dropbox or somewhere safe you'll be able to access should you lose your phone. Without your phone, the only way to gain access to your account is by using this backup code.
After enabling log-in verification on your mobile device, the next time you attempt to log in using a new app or unrecognized browser you'll receive a push alert on that device. Upon opening the alert you'll be presented with the location and app trying to access your account, along the option to approve or deny the request. Tapping on the check mark approves the request, and the browser or app should automatically redirect you, with a logged-in account in tow.
You can only have the log-in verification active on one device at a time, so this still doesn't provide a solution for accounts that are managed by multiple people from different devices.