Until it does, there doesn’t appear to be any real way to turn off the feature that the hacker or hackers apparently exploited to take over Dorsey’s account. The only way to do it actually involves making your account less safe overall. But there are still some things you can do to protect your account from these kinds of attacks.
First off, it’s a good idea to always have two-factor authentication on, as an additional verification step to confirm your identity beyond your regular password. But even two-factor won’t protect you from a SIM swapping hack.
Not all verifications are made equal. A hacker can intercept security codes sent via text message, rendering it useless.
Luckily, Twitter offers several more secure verification methods.
One step better would be to use the Google Authenticator phone app, which will provide you codes. A hacker would then need your actual phone to get the codes. Or you can use a physical security token, a small piece of hardware you can buy separately, that generates security codes. A hacker would typically need to physically steal that key to gain access to an account.
Replace your phone number
Right now it appears that the only way to shut off the ability to use text messages to send a tweet from your account is to delete your phone number from Twitter entirely. But there’s a catch: Doing so will disable two-factor authentication on your account. I tried multiple times to keep two-factor enabled on my own Twitter account while deleting my phone number from it. Each time it appeared Twitter would allow me to do so, but when I refreshed the page, two-factor was off.
By Shannon Liao
See Full Story at www.wbaltv.com