Twitter has deployed an update that allows you to enroll multiple hardware security keys to your account for two-factor authentication. The website launched the ability to log in with a physical key on Android and iOS in December – the ability was around for the office since 2018 – but previously it only allowed an account to be linked to one key. This could be problematic if you keep multiple keys in different places so you don’t have one with you, or if you have no choice but to use multiple keys because your devices have different ports. With this update, you will be able to log in with multiple physical keys both on mobile and on the web.
The company also announced that the option to exclusively use physical keys for 2FA “will arrive soon.” Currently, you should always set 2FA to an authenticator app or enable SMS verification as a backup, even if you have a physical key associated with your account. It is now fairly well known that SMS verification is not as secure as bad actors could intercept messages. The upcoming feature might give you some reassurance if you’d rather not give your phone number to Twitter or don’t use authenticator apps at all, though the company has yet to reveal when it will be available.
Secure your account (and this alt) with multiple security keys. You can now register and log in with multiple physical keys both on mobile and on the web.
And coming soon: the ability to add and use security keys as the only authentication method, with no other methods enabled.
– Twitter support (@TwitterSupport) March 15, 2021