Also: Why is Twitter turning millions of accounts into defenseless targets? There are two alternative options available to you, and both of them offer better security than SMS-based two-factor authentication:

Authentication appSecurity key

These security options are a bit buried in the user interface, but can be accessed by going to Settings and Support then Setting and privacy, followed by Security and account access, then Security, and finally Two-factor authentication. Also: How to use Microsoft Authenticator as your password manager Note: These instructions are the same whether you are using a web browser, or the app for iOS, Android, Windows, or Mac. This is the screen you are looking for: Let’s take a look at how to set up each of these options.

How to set up an authentication app

Here’s how to secure your twitter account using an authentication app. There are loads, from the ubiquitous Google Authenticator and Microsoft’s authenticator app. For Android there’s Aegis. There’s also a cross-platform app called Authy, and then there’s those built into password managers such as Bitwarden. All the apps listed above are free. There are a lot to choose from. If you’re already using one, you’re good to go, otherwise you need to download and install one for use. If you can’t scan in the code, you can enter a text code into your authenticator app which does the same as the QR code. Now when you log in, you will occasionally be asked for a code from your authenticator app.

How to set up a security key

Here’s how to secure your Twitter account using a security key.

1. Get a security key

A hardware security key is a fantastic tool to help stop hackers in their tracks as it offers an additional layer of defense. Even if a hacker has your username and password, the security key will keep your account secure. There are a lot of great security keys for you to choose from, with my favorite being the YubiKey 5C NFC. 

Start the process and you’ll be asked to add your security key to your account. Click on Add key. Next choose the key. Instructions will now appear to guide you through the process. When the key has been successfully read, you’ll be asked if you want to add it.

3. Name your security key

Finally you can name the key. If you have more than one, give it a name that makes sense to you so you know which one to use.

4. You’re done!

That’s it, you’re done.

What are those backup codes?

When you set up any two-factor authentication on your Twitter account, you’ll be given the option to set up a backup code. This is a one-time code that you can use if you don’t have access to your authentication app or security key. If you want to set this up – and I recommend you do – click on Get Backup Code. Keep this code safe – maybe in your password app or printed out and kept in your wallet or purse – in case you ever need it. You can generate further backup codes if needed.