Only 2.3% of Twitter users have enabled 2FA, report reveals

A recent transparency report by Twitter highlights a staggering 97.7% of its users do not have two-factor authentication enabled.

Two-factor authentication is an effective and easy way to add a strong layer of extra security to your online accounts, but it is often one that is overlooked by many.

If enabled, someone logging into your Twitter account will need more than just the password to get access. For most accounts, this could mean either also needing an SMS code sent to the account owner’s phone or a code generated by a mobile app.

While many may think there is no real harm that can come from someone accessing their Twitter account, this is rarely the truth. Crooks could harvest your personal details making you vulnerable to identity theft or spear-phishing scams, they could tweet as you, cause you reputational damage or even try to scam your Twitter contacts while posing as you.


Sponsored Content. Continued below...




As such, it’s important we keep our Twitter accounts safe and secure.

And while you may think your password is enough to protect you, again this is often not the case. Almost anyone can be susceptible to a well-worded phishing scam, or if you reuse passwords you could fall foul of a credential stuffing attack. Or your password could be swept up by keylogging malware.

And even if you do everything right, Twitter could suffer a data breach, resulting in your password falling into the wrong hands.

Twitter’s security settings are in the Settings & Privacy section, under Security and account access and then Security.

If you haven’t set it up yet, there isn’t much reason not to. You’ll only ever be asked to enter the extra code when logging in while you’re using a device that you haven’t used before to login, so it isn’t a big hassle and the pain and wasted time it could save you going forward could be significant.