Twitter just announced that it would support two-factor authentication without a phone number. Before now, users would have to add a phone numbers when using two-factor authentication and this was for back-up purposes. But it looks like a lot has changed since Twitter CEO Jack Dorsey’s Twitter account was hijacked just two months ago in what looked like a SIM-swapping attack.
Some users have been wary of adding their phone numbers to their Twitter account even as it is believed that these just end up in the hands of advertisers anyway so this may come as a relief to such users and privacy advocates.
We're also making it easier to secure your account with Two-Factor Authentication. Starting today, you can enroll in 2FA without a phone number. https://t.co/AxVB4QWFA1
We're also making it easier to secure your account with Two-Factor Authentication. Starting today, you can enroll in 2FA without a phone number. https://t.co/AxVB4QWFA1— Twitter Safety (@TwitterSafety) November 21, 2019
That said, it’s not so straightforward to unlink your phone number form two-factor authentication. It looks like the update is for Twitter for Web users which means outside of the web, security keys aren’t supported. Jared Miller, Twitter engineers said we require you to have a second method along with security keys since the latter isn’t currently supported outside web. If you’d like to disable sms, you need to also have a mobile security app. We know this might not be ideal but we’re going to keep working on it!
This means that outside of the web, a user would need a mobile security app in addition. So, don’t be surprised when you see this which means that when next you wish to apply, he two-factor authentication, you would have to choose two of the three options namely; SMS, authentication app and security key. So, for those who wish to unlink their phone numbers, the obvious choice is a combination of the authentication app and security key.
To do this, please navigate to Account>Security>Phone and please chose the “Delete phone number” option.