Twitter Two-Factor Authentication Can Now Use 3rd Party Apps

Two-factor, sometimes called two-step, authentication has become one of the favored methods of strengthening logins. Especially considering how humans seem to have an innate tendency to use incredibly weak passwords. But not all 2FAs, as it is abbreviated, are created equal and some, like SMS, are only just a little bit secure than regular passwords. That's why some sites that use 2FA also allow third-party authenticator apps to provide the second factor. And, finally, Twitter now does as well.

The idea behind two-factor authentication is that you need to provide a second code, usually a four to six digit PIN, to verify your identity. That usually comes from something that's always with you or a part of you, be it a fingerprint, an iris, your face, or your phone. That's how the most basic 2FA method words, which sends an SMS containing that PIN for you to enter when logging in.

The problem with phones is that they can get lost or stolen. An even bigger problem is, in the case of the latter, there's a higher chance that the thief could use that number to log into private accounts. While there are situations where it's possible to have access to that phone number cut off, it doesn't always work everywhere.

That's where authenticator apps come in. These work the same way except they're not bound to a single device and can be installed and reinstalled anywhere. More importantly, they can be revoked or blocked by the user herself without having to go through hoops.

So it's definitely reassuring, and really long overdue, that Twitter finally activates this feature for its own logins. You can now use apps like Google Authenticator, Duo Mobile, Authy, and more to be your second factor. While more secure by nature than just using passwords, 2FA still shouldn't be used as an excuse to use extremely weak passwords that, themselves, could lead to access to those apps anyway.