OK, so am I correct in my assessment that Twitter accounts _cannot_ be secured by TFA alone? You _must_ to have a phone number associated with an account? I thought it was obvious by now that allowing SMS instead of time-synced TFA is a security _hole_, not an improvement?
-
-
*attempts at hacking Casey's twitter intensify*
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Once you've verified a phone #, you can switch to a TFA app instead of SMS. But if you remove phone #, entire TFA is disabled. Which,
@twitter, is mind-bogglingly ridiculous. -
Exactly - I can't believe this is how it works. TFA should be _completely separate_ from the phone. You can have a TFA key that isn't a phone, or doesn't have a trusted phone number associated with it. And phone SIMS are not secure anyway!
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.