Require hard key auth with Cloudflare Access

In August 2020, Twitter faced a security breach where attackers compromised an internal administrative panel to take over high-profile accounts. The attackers used spear phishing to steal credentials and access the Twitter control plane. This incident highlights the risk of using administrative panels as they can be targeted by phishing attacks. To prevent such incidents, Cloudflare has implemented several safeguards including hard keys for team members who need to access their admin panel. They also use Cloudflare Access to enforce the use of hard keys and limit access to specific users in permission groups. This zero-trust approach ensures that only authorized personnel can access sensitive systems and data, reducing the risk of security breaches.