Today’s Twitter for iOS and Android updates let you enroll in login verification and approve login requests directly from your mobile app. Now, in addition to the SMS-based login verification that we released in May, you can use login verification without relying on text messages.New Twitter Login Verification for iOS and Android [blog.twitter.com]
Here’s what’s new:
No phone number required: By using push messaging and in-application approvals, you no longer need to provide your phone number to use login verification. If you manage multiple Twitter accounts, but only have one phone number, you can now opt all of them into login verification.
Broader international support: Now, all you need is an Internet connection and one of our supported apps to enroll in login verification. Login verification via SMS has been available through supported mobile carriers across the world, but that didn’t cover everybody.
“My phone fell in the ocean!”: Backup codes generated in the application can be written down, stored in a safe place, and used to access your account on twitter.com even if you lose your phone.
More context: When a login request is made, you will see browser details and approximate location in the app. If you receive an approval request from halfway across the world, you may be getting phished. Review this page for more information on keeping your account secure.
Seems useful mainly to protect celebrity or business accounts. The hassle of using this approach for a typical user outweighs the benefits of avoiding a hack, IMO. Even if someone gained access to your Twitter account, they can't really leverage that to get to bank accounts, shopping sites, etc.