How to use two-factor authentication

Two-factor authentication is an extra layer of security for your X account. Instead of only entering a password to log in, you’ll also enter a code or use a security key. This additional step helps make sure that you, and only you, can access your account. During enrollment, we’ll also make sure you have a confirmed email address associated with your account. That way, we can use your email address for things like communicating with you to keep your account secure.

After you enable this feature, you will need your password, along with a secondary login method –– either a code, a login confirmation via an app, or a physical security key to log in to your account. 

How to verify your login
For iOS:
Step 1

From the main menu, tap Settings and privacy.

Step 2

Tap Security and account access.

Step 3

Tap Security.

Step 4

Tap Two-factor authentication.

Step 5

There are three methods to choose from: Text message, Authentication app, or Security key.

Step 6

Once enrolled, when you log in to your account, you'll be prompted to provide the two-factor authentication method you used during your previous login, along with your password. You’ll also see the option to Choose a different two-factor authentication method. If you’d like to proceed, simply tap the prompt to select a different method. Follow the onscreen instructions to finish logging in.

To sign up via text message on iOS:
Step 1

Click the checkbox next to Text message.

Step 2

Read the overview instructions, then tap Get Started

Step 3

Enter your password, then tap Verify.

Step 4

If you haven’t already, we’ll ask you to confirm an email for your X account: Enter your email address, then tap Next. We’ll then send you a confirmation code via email. Back in your X account, enter the code in the prompt, then tap Verify.

Note: If you don’t already have a phone number associated with your account, we’ll prompt you to enter it. Additionally you can choose to deselect the option to allow your existing contacts to find you on X. 

Step 5

Now we’ll ask you to enter the confirmation code we sent you via text message. Type or paste in the code, You’ll see a confirmation screen with a backup code. We recommend you store a screenshot of the code in case you need it for future use. This will help you access your account if you lose your mobile phone or change your phone number.

Step 6

Tap Got it when you’re finished with this screen.

To sign up via authentication app on iOS:
Step 1

Tap the box next to Authentication app.

Step 2

Read the overview instructions, then tap Start.

Step 3

If prompted, enter your password and tap Verify.

Step 4

If you haven’t already, we’ll ask you to confirm an email for your X account: Enter your email address, then tap Next. We’ll then send you a confirmation code via email. Back in your X account, enter the code in the prompt, then tap Verify.

Step 5

You’ll be prompted to Link app now to your X account. (If you don’t already have an app installed on your device, you’ll need to download one. You can use any Time-based One Time Password (TOTP) authentication app like Google Authenticator, Authy, Duo Mobile, 1Password, etc.)

Step 6

After you scan the QR code, tap Next.

Step 7

Enter the code generated by your authentication app, then tap Verify.

Step 8

You’ll see a confirmation screen. Tap Got it to finish setup.

Now, through your authentication app, you can view and use codes to log in to your X account.

To sign up via Security key on iOS:
Step 1

Tap Security key

Step 2

When prompted, enter your password.

Step 3

If you haven’t already, we’ll ask you to confirm an email for your X account: Enter your email address, then tap Next. We’ll then send you a confirmation code via email. Back in your X account, enter the code in the prompt, then tap Verify.

Step 4

Read the overview, then tap Start.

Step 5

You can either insert the key(s) into the USB port of your mobile device, or sync it over Bluetooth or NFC. Once inserted, touch the button on your key. 

Step 6

Follow the on-screen instructions to finish setup.

Step 7

When done, your security key(s) will appear in the Manage security keys section under Two-factor authentication. From there, you can rename or delete your security key(s), and add additional security keys to your account at any time. 

Note: If you add a security key for additional two-factor authentication protection, we no longer require using another backup method for more protection. Security keys can be used as your sole authentication method, without any other methods turned on.

 

If you enrolled in login verification before March 21, 2016:

When you log in to your account on twitter.com or on another device using X for iOS, X for Android, or mobile.twitter.com, a push notification may be sent to your phone. Open the push notification to approve the login request. Once you approve, you will be immediately logged in to your account on twitter.com.

You may also receive a login code via SMS text message. You can opt into this by clicking request a code sent to your phone via text message when you log in to your account on twitter.com.
 

Note: You can also approve or deny your login requests from within the app by tapping Security, then tapping Login Requests. Pull down on the list to refresh for new requests. Requests will appear on this screen even if you did not receive a push notification.

How to turn off two-factor authentication on iOS:
Step 1

From the main menu, tap Settings and privacy.

Step 2

Tap Security and account access.

Step 3

Tap Security.

Step 4

Tap Two-factor authentication.

Step 5

Tap the slider next to your selected two-factor authentication method to turn it off.

Step 6

Tap Turn off two times to confirm your choice.

For Android:
Step 1

In the top menu, you will either see a navigation menu icon  or your profile icon. Tap whichever icon you have and select Settings and privacy.

Step 2

Tap Security and account access.

Step 3

Tap Security.

Step 4

Tap Two-factor authentication.

Step 5

There are three methods to choose from: Text message, Authentication app, or Security key.

Step 6

Once enrolled, when you log in to your account, you'll be prompted to provide the two-factor authentication method you used during your previous login, along with your password. You’ll also see the option to Choose a different two-factor authentication method. If you’d like to proceed, simply tap the prompt to select a different method. Follow the onscreen instructions to finish logging in.

To sign up via text message on Android:
Step 1

Check the box next to Text message.

Step 2

Read the overview instructions, then tap Next

Step 3

Enter your password, then tap Verify.

Step 4

If you haven’t already, we’ll ask you to confirm an email for your X account: Enter your email address, then tap Next. We’ll then send you a confirmation code via email. Back in your X account, enter the code in the prompt, then tap Verify.

Note: If you don’t already have a phone number associated with your account, we’ll prompt you to enter it. Additionally you can choose to deselect the option to allow your existing contacts to find you on X. 

Step 5

Now we’ll ask you to enter the confirmation code we sent you via text message. Type or paste in the code, You’ll see a confirmation screen with a backup code. We recommend you store a screenshot of the code in case you need it for future use. This will help you access your account if you lose your mobile phone or change your phone number.

Step 6

Tap Got it when you’re finished with this screen.

Now, when you log in to your account on twitter.com, X for Android, or mobile.twitter.com, a six-digit code will be text messaged to your phone to use during login.

To sign up via authentication app on Android:
Step 1

Tap the checkbox next to Authentication app.

Step 2

Read the overview instructions, then tap Start.

Step 3

If prompted, enter your password and tap Verify.

Step 4

If you haven’t already, we’ll ask you to confirm an email for your X account: Enter your email address, then tap Next. We’ll then send you a confirmation code via email. Back in your X account, enter the code in the prompt, then tap Verify.

Step 5

You’ll be prompted to Link app now to your X account. (If you don’t already have an app installed on your device, you’ll need to download one. You can use any time-based one time password (TOTP) authentication app like Google Authenticator, Authy, Duo Mobile, 1Password, etc.)

Step 6

After you scan the QR code, tap Next.

Step 7

Enter the code generated by your authentication app, then tap Verify.

Step 8

You’ll see a confirmation screen. Tap Got it to finish setup.

Now, through your authentication app, you can view and use codes to log in to your X account. 

To sign up via Security key on Android:
Step 1

Tap Security key

Step 2

When prompted, enter your password.

Step 3

If you haven’t already, we’ll ask you to confirm an email for your X account: Enter your email address, then tap Next. We’ll then send you a confirmation code via email. Back in your X account, enter the code in the prompt, then tap Verify.

Step 4

Read the overview, then tap Start.

Step 5

You can either insert the key(s) into the USB port of your mobile device, or sync it over Bluetooth or NFC. Once inserted, touch the button on your key. 

Step 6

Follow the on-screen instructions to finish setup.

Step 7

When done, your security key(s) will appear in the Manage security keys section under Two-factor authentication. From there, you can rename or delete your security key(s), and add additional security keys to your account at any time 

Note: If you add a security key for additional two-factor authentication protection, we no longer require using another backup method for more protection. Security keys can be used as your sole authentication method, without any other methods turned on.

 

If you enrolled in two-factor authentication before March 21, 2016:

When you log in to your account on twitter.com or on another device using X for iOS, X for Android, or mobile.twitter.com, a push notification may be sent to your phone. Open the push notification to approve the login request. Once you approve, you will be immediately logged in to your account on twitter.com.

You may also receive a login code via SMS text message. You can opt into this by clicking request a code sent to your phone via text message when you log in to your account on twitter.com.

Note: You can also approve or deny your login requests from within the app by tapping Security, then tapping Login Requests. Pull down on the list to refresh for new requests. Requests will appear on this screen even if you did not receive a push notification.

How to turn off two-factor authentication on Android:
Step 1

From the main menu, tap Settings and privacy.

Step 2

Tap Security and account access.

Step 3

Tap Security.

Step 4

Tap Two-factor authentication.

Step 5

Tap the checkbox next to your selected two-factor authentication method to turn it off.

Step 6

Tap Turn off to confirm your choice.

For Desktop:
Step 1

In the side menu, click More, then click Settings and privacy.

Step 2

Click on Security and account access, and then click Security.

Step 3

Click Two-factor authentication.

Step 4

There are three methods to choose from: Text message, Authentication app, or Security key.

Step 5

Once enrolled, when you log in to your account, you'll be prompted to provide the two-factor authentication method you used during your previous login, along with your password. You’ll also see the option to Choose a different two-factor authentication method. If you’d like to proceed, simply click the prompt to select a different method. Follow the onscreen instructions to finish logging in.

To sign up via text message from a desktop:
Step 1

Click the checkbox next to Text message.

Step 2

Read the overview instructions, then click Next

Step 3

Enter your password, then click Verify.

Step 4

If you haven’t already, we’ll ask you to confirm an email for your X account: Enter your email address, then click Next. We’ll then send you a confirmation code via email. Back in your X account, enter the code in the prompt, then click Verify.

Note: If you don’t already have a phone number associated with your account, we’ll prompt you to enter it. Additionally you can choose to deselect the option to allow your existing contacts to find you on X. 

Step 5

Now we’ll ask you to enter the confirmation code we sent you via text message. Type in the code, You’ll see a confirmation screen with a backup code. We recommend you store a screenshot of the code in case you need it for future use. This will help you access your account if you lose your mobile phone or change your phone number.

Step 6

Click Got it when you’re finished with this screen.

Now, when you log in to your account on twitter.com, X for iOS, X for Android, or mobile.twitter.com, a six-digit code will be text messaged to your phone to use during login.

To sign up via authentication app from a desktop:
Step 1

Click the checkbox next to Authentication app.

Step 2

Read the overview instructions, then click Start.

Step 3

If prompted, enter your password and click Verify.

Step 4

If you haven’t already, we’ll ask you to confirm an email for your X account: Enter your email address, then click Next. We’ll then send you a confirmation code via email. Back in your X account, enter the code in the prompt, then click Verify.

Step 5

You’ll be prompted to link your authentication app to your X account by scanning a QR code.(If you don’t already have an app installed on your device, you’ll need to download one. You can use any time-based one time password (TOTP) authentication app like Google Authenticator, Authy, Duo Mobile, 1Password, etc.)

Step 6

After you scan the QR code, click Next.

Step 7

Enter the code generated by your authentication app, then click Verify.

Step 8

You’ll see a confirmation screen. Click Got it to finish setup.

Now, through your authentication app, you can view and use codes to log in to your X account. 

To sign up via Security key from a desktop:
Step 1

Click Security key

Step 2

When prompted, enter your password.

Step 3

If you haven’t already, we’ll ask you to confirm an email for your X account: Enter your email address, then click Next. We’ll then send you a confirmation code via email. Back in your X account, enter the code in the prompt, then click Verify.

Step 4

Read the overview, then click Start.

Step 5

You can either insert the key(s) into the USB port of your computer, or sync it over your computer’s Bluetooth or NFC. Once inserted, touch the button on your key. 

Step 6

Follow the on-screen instructions to finish setup.

Step 7

When done, your security key(s) will appear in the Manage security keys section under Two-factor authentication. From there, you can rename or delete your security key(s), and add additional security keys to your account at any time.

You’ll need to use the latest version of a supported browser like Chrome, Edge, Firefox, Opera, or Safari in order to add or log in to your account with a security key.

Note: If you add a security key for additional two-factor authentication protection, we no longer require using another backup method for more protection. Security keys can be used as your sole authentication method, without any other methods turned on.

How to turn off two-factor authentication from a desktop:
Step 1

In the side menu, click More, then click Settings and privacy.

Step 2

Click on Security and account access, and then click Security.

Step 3

Click Two-factor authentication.

Step 4

Uncheck the box next to your selected two-factor authentication method to turn it off.


Temporary passwords
 

After you enable two-factor authentication for your account, you'll need to use a temporary password to log in to X on other devices or applications that require you to enter your X password; you will not be able to log in using your usual username and password combination. If we detect you will need a temporary password to log in, we will send one via SMS text message to your phone. Alternatively, you can generate your own temporary password. 

How to generate a temporary password for x.com

After you've enrolled in two-factor authentication you can generate a temporary password for x.com from your X for iOS app following the instructions below: 

Step 1

From the main menu tap Settings and privacy.

Step 2

Tap Security and account access.

Step 3

Tap Two-factor authentication.

Step 4

Under Additional methods, tap Temporary password.

Note: Temporary passwords expire after one hour. You do not need a temporary password to log in to X for iOS or X for Android, or mobile.X.com.

After you've enrolled in two-factor authentication you can generate a temporary password for X.com from a desktop following the instructions below: 

  • Click More from the main menu.
  • Click Settings and privacy.
  • Click on Security and account access.
  • Click Security.
  • Click Two-factor authentication.
  • Under Additional methods, click Temporary password.

Note: Temporary passwords expire after one hour. You do not need a temporary password to log in to X for iOS or X for Android, or mobile.x.com.