|Link: [Twitter’s Killer New Two-Factor Solution Kicks SMS to the Curb||Threat Level | Wired.com](http://www.wired.com/threatlevel/2013/08/twitter-new-two-facto/)|
During enrollment, your phone generates a 64-bit random seed, SHA256 hashes it 10,000 times, and turns it into a 60-bit (12 characters of readable base32) string. It sends this string to our servers. The phone then asks you to write down the next backup code, which is the same seed hashed 9,999 times. Later, when you send us the backup code to sign in, we hash it one time, and then verify that the resulting value matches the value we initially stored. Then, we store the value you sent us, and the next time you generate a backup code it will hash the seed 9,998 times.Sounds like a neat trick to make backup-code generation unnecessary.