Twitter has announced that SMS-based two-factor authentication (2FA) will be exclusive to Twitter Blue users. This means that only paying users will have the option to secure their accounts via SMS-based 2FA going forward.
Non-Twitter Blue users won’t be able to set up 2FA with SMS after March 30 unless they pay for Twitter Blue. If SMS is currently used to protect account access, users have 30 days to subscribe to Twitter Blue or switch to a different 2FA method, like a security key or an authenticator app.
Twitter wants people who aren’t on Twitter Blue to switch to an authentication app or security key to keep their accounts safe. A recent statement from Twitter says that these methods require the authentication method to be in your physical possession and are a great way to keep your account safe.
Effective March 20, 2023, only Twitter Blue subscribers will be able to use text messages as their two-factor authentication method. Other accounts can use an authentication app or security key for 2FA. Learn more here:https://t.co/wnT9Vuwh5n
— Twitter Support (@TwitterSupport) February 18, 2023
Twitter users must pay or switch for SMS 2FA
Twitter cites abuse by “bad actors” and financial losses caused by bot accounts as reasons for ending SMS 2FA for non-paying users. Elon Musk tweeted about the matter, indicating that Twitter was losing a significant amount of money due to bot accounts abusing the SMS 2FA system.
To continue using SMS as a setup option for new Twitter devices, users must subscribe to Twitter Blue, which costs $8 a month, or $11 a month through Android or iOS. Users can also opt for a yearly subscription at $84. Besides the 2FA perk, Twitter Blue offers additional features such as tweet editing and an undo tweet button.
The decision to make SMS-based 2FA exclusive to paying Twitter Blue users has sparked anger on the platform. Many believe this move puts a critical security measure behind a paywall, although it’s not considered the most significant change under Musk’s leadership.
Double Down on Security: Two-Factor Authentication Made Easy with App Install!
Setting up two-factor authentication (2FA) on Twitter and other platforms is crucial for added security. It adds an extra layer of protection, making it harder for unauthorized users to log into your account using just a username and password. This is important because login details can be tricked or leaked online.
While a text message sent to your phone can be used as a 2FA option, it is the weakest option as it can be intercepted and redirected. To generate an authentication code, it’s better to install a free app such as Authenticator by Google or Authy. These apps are safer alternatives to SMS-based 2FA.
Although SMS 2FA is a weak security method, Twitter has decided to keep it as an option for users who genuinely need it. However, this functionality will now be exclusive to Twitter Blue subscribers. It’s unclear how many users still rely on SMS 2FA, but those who do will have to pay for the service. Despite the security risks associated with SMS 2FA, some users may still prefer this method for various reasons.
There is a risk that SMS 2FA users who don’t want to pay will turn off 2FA completely, which is not recommended for account security. To keep accounts as secure as possible, users should set up 2FA using a mobile app for authentication, regardless of whether or not they subscribe to Twitter Blue.