Twitter Is Done With SMS 2FA. Here's a Better Way to Secure Your Account on iPhone
SMS two-factor authentication is no longer available on Twitter, unless you pay for Twitter Blue. Fortunately, if your an iPhone user, there's a better option anyway.
Nelson Aguilar is an LA-based tech how-to writer and graduate of UCLA. With more than a decade of experience, he covers Apple and Google and writes on iPhone and Android features, privacy and security settings and more.
As of today, Twitter no longer supports text message two-factor authentication as a security measure for your accounts. The only way you can continue using SMS 2FA is if you sign up for Twitter Blue -- but that requires a monthly payment.
If you have an iPhone, however, there's a more secure 2FA alternative for Twitter that's already built into iOS. And it's free to use.
According to Twitter, 74% of Twitter users with two-factor authentication turned on use the text message option. While it's unfortunate that you no longer have that available to you unless you pay, you're better off without SMS 2FA anyway. Authentication apps such as Google Authenticator are superior because they're more secure than the text message method -- it's easier for attackers to spoof your texts remotely, especially with SIM swapping.
And if you use an iPhone, you don't have to download any third-party apps to get better two-factor authentication protection on your device. Apple has an authenticator hidden in your settings that you can use to help better secure your accounts and data.
Here's how to set it up with Twitter, as well as with other apps and websites.
How to set up your iPhone's built-in 2FA with Twitter
If you want to use your iPhone's built-in two-factor authenticator specifically with Twitter, here's what you need to do.
In the Twitter app, tap on your profile icon in the top-left and then go to Settings and Support > Settings and privacy > Security and and account access > Security > Two-factor authentication. If you're asked to enter your Twitter password at any time, do so to continue.
Now, toggle on the Authentication app option, enter your account password, tap Get Started and hit the Link app button. You'll be redirected to your saved Twitter passwords in your settings -- choose the correct one for your account. Next, copy the verification code to your clipboard and enter it into Twitter. Finally, hit Confirm and your Twitter account should now be protected by your iPhone's two-factor authenticator.
Before you continue, make sure to write down the single-use backup code that appears. This will help you log back into Twitter if you have trouble accessing your iPhone's two-factor authentication method. Also, you can toggle off text message 2FA now or wait until Twitter automatically disables it for you.
You can also set up iOS's built-in 2FA with other apps and websites
For every other service that's not Twitter, launch the Settings application on your iPhone and go into Passwords. Use Face or Touch ID to access your passwords and then tap on whatever account it is you want to set up 2FA for.
Note: This method of two-factor authentication does not work with every website or app.
Next, tap Set Up Verification Code and a menu will appear with two options:
Enter Setup Key
Scan QR Code
These are your two options to set up 2FA, which you can find on the website of whichever account you're attempting to secure. To continue, go to the website, use your credentials to log in and then go into the website's account settings. There is no single place where you'll find the setup key or QR code for 2FA, but generally you should find them in "passwords" or "two-factor authentication."
For this example, we'll be using the setup key found in the account settings on Mega's website. If you see a setup key, simply copy it to your clipboard, and then go back to the Settings app on your iPhone and choose the Enter Setup Key option. Next, paste in the setup key and then hit OK. Once you do, a verification code will appear.
Go back to the website you grabbed the setup key from and enter the verification code to enable 2FA. You don't have to manually enter the setup key, as it should appear at the top of your keyboard, so you can just tap there to enter it. However, you must be quick to enter the setup key because it'll change every 30 seconds.
If you use the Scan QR Code option, the process will pretty much be the same, but instead of entering the setup key manually, you'll simply scan the QR code with your smartphone's camera. However, this option may not be ideal if you're doing everything on your smartphone, so really only use this if you're accessing the website on another device.
Once you're finished, two-factor authentication should be enabled for that website. Anytime you log in to that website in the future, you'll be asked to enter a verification code as well, which will be generated by the built-in feature.