From PC Mag: Enabling two-factor authentication (2FA) for your Twitter account is a good idea, but handing your phone number over to Twitter gives many pause for thought. It's also not the most secure method of protecting your account, especially when Twitter CEO Jack Dorsey recently had his account hacked via his cellular provider.
As TechCrunch reports, it's now possible to enable 2FA on Twitter without a phone number. This has been made possible thanks to Twitter updating its login process to support the FIDO2 WebAuthn web authentication standard, which is approved by the World Wide Web Consortium (W3C).
WebAuthn allows support on the user side to be implemented in a number of different ways, purely in software, and without need of a password. Instead a code entry is required or a security key used. In Twitter's case, WebAuthn will initially only work with physical security key authenticators, such as those offered by Yubico.
View: Article @ Source Site
