Twitter now charging for SMS two factor authentication – In The News

Twitter users be aware – unless you’re coughing up the monthly fee for the Twitter Blue subscription service, you will no longer be able to use SMS-based two factor authentication to secure your online account.

We’ve long been recommending that our readers always enable two-factor-authentication (2FA) for all their important online accounts. It’s a security measure that adds another layer of security to your account by requiring more than just the password to gain access. In most cases you also need a separate code or PIN that is sent to (or generated by) a device that you own, such as your phone.

This means that even if crooks get a hold of your password (either by malware, data breaches, social manipulation or phishing attacks) they still can’t access your account. (More on two factor authentication here.)

So it’s perhaps a little perplexing that Twitter has announced this week that it is scaling back its two-factor-authentication features by only allowing its paying subscribers access to the most popular 2FA method – SMS 2FA. SMS-based 2FA means having a text message sent to your phone with a PIN, which needs to be entered along with the account password to login.


Sponsored Content. Continued below…




Twitter vaguely claimed in a blog post on its site that the method was being exploited by “bad actors”.

Twitter users using SMS 2FA will have until March 20th of this year to switch to a different 2FA method (or, of course, become a paying “Twitter Blue” subscriber) else face the 2FA feature of their account being automatically disabled altogether.

Twitter users are being asked to remove SMS 2FA from their accounts

That’s not a particularly great move, of course. It’s estimated that around 75% of Twitter users with 2FA enabled are using the SMS option. While many will choose to change their 2FA approach, the bottom line is that on March 20th Twitter will be rendering a hefty number of accounts on their own platform less secure.

So what are the other 2FA options? Well you can use a physical security key, which is a far less popular option, or you can install an authentication app on your mobile device. An authentication app generates a code for you that you can type in when logging in, instead of a code being sent using SMS.

We strongly recommend securing your account with 2FA. It really is one of the most effective security measures you can take. And unless you’re paying Twitter a monthly subscription, this will now likely mean using an authentication app.

Keep an eye of this week for our setup guide to use an Authenticator app to help keep your account safe with 2FA!