As tipped late last month, Twitter has begun rolling out two-factor authentication. This will allow users to require both a password and a verification code that gets sent to them via SMS on their mobile phone. The feature is disabled by default, so you'll need to go into your account settings in order to enable it.
All you do once you're in Account Settings on Twitter is checkmark "Require a verification code when I sign in," and then click on "add a phone." From there, you'll enter in your mobile phone number. Once that's done, you'll always be sent a six-digit code that you'll use to sign in each time to Twitter. This is to prevent other people from logging into your account, even if they know your password.
Any existing applications that you have connected to Twitter will continue to work after you've enabled two-factor authentication, and you shouldn't have to allow access to them again. If you want to sign into Twitter on multiple devices or sign into Twitter in third-party apps, you can generate a temporary password to log in and authorize such devices and apps.
Twitter finally joins the ranks of other online services using two-factor authentication, including Facebook, Google, Yahoo, and Dropbox. If you haven't yet enabled two-factor authentication for these services, you should probably go ahead and do yourself a big favor by enabling it for that services that you use. You'll most likely thank yourself later.
SOURCE: Twitter Blog