Security News > 2021 > October > Twitter employees required to use security keys after 2020 hack
Twitter rolled out security keys to its entire workforce and made two-factor authentication mandatory for accessing internal systems following last year's hack.
The company migrated all of its employees from legacy 2FA using SMS or authenticator apps to security keys in less than three months, according to Twitter's Senior IT Product Manager Nick Fohs and Senior Security Engineer Nupur Gholap.
"We've also implemented security keys internally across our workforce to help prevent security incidents like the one Twitter suffered last year."
After the July 2020 hack, Twitter revealed that the attackers took control of dozens of high-profile accounts after stealing Twitter employees' credentials following a phone spear-phishing attack on July 15, 2020.
Twitter continuously upgraded and improved the platform's 2FA support throughout the last few years, with a clear focus on security keys as the primary 2FA method.
If you want to turn on 2FA on your account right now, you have to go to your Twitter profile menu into Settings and Privacy, then to Security and account access or Account > Security and enable the Two-factor authentication option.