How to set up two-factor authentication for Twitter

March 9, 2015

Twitter can be a powerful mouthpiece for yourself, your brand, or your business — and an even more powerful weapon if your login credentials fall into the wrong hands. You can protect your account by enabling Twitter's two-factor authentication options; here's how.

To prevent your Twitter account from being compromised by enterprising hoodlums or hackers, there are a couple options available to you.

Option 1: Send a code to your phone number

When you log in to your Twitter account via app or Web browser, you can get the service to send you a code to your phone number that you must first input before gaining access to your account. Setting it up is easy:

On the Twitter.com website, click your profile picture and then select Settings. On your mobile device within the Twitter app, tap the Me tab, then select the gear icon and tap Settings.
Click on the Security and privacy section.
At the top of the section, there are three options. Select the Send login verification requests to [phone number] option. (If you don't have a phone number on file, you'll have to add it under the Mobile section.)
Twitter will send a test code to your device. When you receive it, click the Yes button to enroll in two-factor authentication. You'll also receive a permanent backup code in the event you lose your phone or don't have an active Internet connection when trying to verify your account; we suggest taking a screenshot of this and backing it up somewhere safe on your computer, or adding it to 1Password.

Option 2: Use the Twitter app

Once you've set up two-factor authentication via your phone, you can alternatively skip the text message charges but still secure your account by allowing your mobile Twitter app to verify login attempts. Here's how.

On the Twitter.com website, click your profile picture and then select Settings. On your mobile device within the Twitter app, tap the Me tab, then select the gear icon and tap Settings.
Click on the Security and privacy section.
At the top of the section, there are three options. Change your selection from Send login verification requests to [phone number] to the Send login verification requests to the Twitter app option.
Any future login requests will come as notifications from Twitter's official mobile app. (You can also find them within the app under Security > Login Requests.) If your phone is off or disabled for any reason, you'll also still be able to access your account with the permanent backup code you generated when first setting up two-factor authentication.

Option 3: Secure your password

If you'd rather not enable two-factor authentication but still want it to be a little bit harder for evildoers to hack your Twitter account, you can require Twitter to request additional information from you in the event of a password reset.

On the Twitter.com website, click your profile picture and then select Settings. On your mobile device within the Twitter app, tap the Me tab, then select the gear icon and tap Settings.
Click on the Security and privacy section.
Check the Require personal information to reset my password box. In the event of a password reset, Twitter will ask the resetter a few additional questions about you to confirm your identity, including your phone number.