Twitter migrated all its employees from the old 2FA to security keys via SMS or authentication apps, a move that took less than three months and is now considered mandatory for all employees.
According to Nick Fobs, Senior IT Product Manager at Twitter, and Nupur Gholap, Senior Security Engineer at Twitter, the company accelerated its efforts to “increase the use of security keys to prevent phishing attacks.” They further explained that Twitter “also implemented security keys internally across the workforce to help prevent security incidents like the one Twitter suffered last year.”
While Twitter has continued to improve 2FA support for the platform in recent years with various innovations since 2018, the social media company has added support for the use of multiple security keys on 2FA-enabled accounts.
Users who want to turn on 2FA in their account are advised to go to Settings and Privacy in their Twitter profile menu, then switch to Security and Account Access on the desktop or account, then Security (on iOS) and enable the two-factor authentication option.
For more information, read the original story in BleepingComputer.