Twitter now offers native support for the WebAuthn platform. As a result, Twitter users can now secure their accounts with a physical security key, whether that key has an USB, NFC, or Lightning-based form factor.
That also means that Yubico customers can use a YubiKey as their primary Twitter authenticator. Once registered, they will be able to use their YubiKey to gain access to the Android, iOS, and desktop versions of the Twitter app.
Yubico, meanwhile, has decided to offer Twitter users a $10 discount to celebrate the occasion, and to encourage more Twitter users to switch to YubiKey security. The offer applies to each individual key (up to a limit of four), and to every product in the company’s Security Key by Yubico Series and YubiKey 5 Series, including the YubiKey 5C NFC and the YubiKey 5Ci. To collect, shoppers simply need to enter the code TWITTER10 at checkout to apply the discount to the YubiKeys in their cart. The limited-time offer ends at 11:59 p.m. PT on December 9.
“Helping people keep their Twitter accounts secure by providing them the tools and controls they need is a top priority for us,” said Twitter Senior Product Manager Sri Harsha Somanchi. “We have been consistently improving the way people can add two-factor authentication (2FA) to their Twitter accounts over the past year and are glad to be expanding our support to enable people to use physical security keys to login to the Twitter app on mobile.”
After someone logs into Twitter with a YubiKey, they will be able to select “remember this device” to turn that device into a trusted device for future interactions. Should they do so, they will no longer need to use their YubiKey when they log into Twitter on that device, and will instead be able to enjoy a more streamlined user experience. However, they will need to use their YubiKey to verify their identity when they access Twitter from a new device.
The Twitter login utility is also compatible with the time-based Yubico Authenticator One-Time Password app. Yubico is a long-time supporter of the WebAuthn protocol, and recently released a new WebAuthn Starter Kit to make it easier for developers to adopt passwordless authentication standards.