Twitter launches two-step verification with no phone number required

Messaging service Twitter has simplified its system of two-step verification and made it more secure. Users can now set up the security feature without having to enter their mobile phone number.

With two-step verification, a code is often sent to the user via SMS that gives them access to a service again. This method is not only vulnerable to so-called SIM-swapping attacks, in which the code is sent to a hacker, but also encounters resistance from users for privacy reasons. Twitter has already admitted that the songs were used for advertising purposes.

Twitter Safety has announced in a tweet that the messaging service for two-step verification no longer requires a phone number from the user. The feature had become obsolete some time ago when Twitter came out with a verification app, but the additional verification still requires a phone number. The messaging service is now putting an end to this vulnerability by enabling the use of the verification app without providing the telephone number.

Users who previously linked their phone number to their Twitter account can now undo this via the settings of the service.