Twitter announced on Wednesday that users who safeguard their accounts with a hardware security key are now able to access their accounts from either an iPhone or an Android device.

The social networking company initially introduced compatibility for hardware security keys in 2018, providing users with the option to implement an additional physical layer of security for their accounts, as an alternative to standard two-factor authentication methods such as text message codes or app-generated codes.

These security keys are compact enough to be carried on a keychain, yet they significantly reduce the risk of certain types of account breaches by necessitating the physical connection of the key during the login process. This makes it considerably more difficult for unauthorized individuals, even those located remotely, to gain access to an account, even if they possess the username and password.

Previously, a technical constraint limited the use of security keys to computer logins, preventing access from mobile devices.

Twitter addressed this issue by adopting the WebAuthn protocol last year, which facilitated the expansion of hardware security key support to a wider range of devices and web browsers.

Currently, any Twitter user who has configured a security key for their account can utilize that same key to log in from their mobile device, provided the key is compatible. (Numerous security keys are currently available that function across various devices, including YubiKeys and Google’s Titan key.)

Twitter, along with other organizations, has consistently advised individuals in high-risk roles – such as journalists, political figures, and government personnel – to employ security keys as a preventative measure against advanced cyberattacks. Detailed instructions on setting up two-factor authentication, including security keys, can be found here on Twitter’s website.

Earlier this year, Twitter implemented hardware security keys for its own employees to help prevent a recurrence of the cyberattack that occurred in July, where attackers infiltrated the company’s internal network and exploited an “admin” tool to compromise prominent accounts for the purpose of disseminating a cryptocurrency fraud.

Following the incident, Twitter appointed Rinki Sethi as its new Chief Information Security Officer and brought on renowned hacker Peiter Zatko, also known as Mudge, to serve as the company’s Head of Security.