Microblogging platform Twitter on Friday announced that it would allow only paid subscribers to use text messages as two-factor authentication to secure their accounts.
According to Twitter, Two-factor authentication adds a layer of security to Twitter accounts instead of only entering a password to log in. The feature will require a user to enter a code or use a security key, as this additional step will help to make sure that only they can their account.
The social media company revealed that this feature will be effective on March 20th, 2023, noting that only Twitter blue subscribers will be permitted to use this feature, while other accounts can use an authentication app or security key for two-factor authentication (2FA).
Twitter, therefore, encouraged non-Twitter Blue subscribers to consider using an authentication app or security key method instead. These methods require them to have physical possession of the authentication method, ensuring that their account is safe.
In a blog post, Twitter revealed that it has seen phone number-based 2FA being used and abused by unscrupulous individuals, hence, it will no longer allow accounts to enroll in the text message/SMS method of two-factor authentication unless they are Twitter blue subscribers.
The company’s CEO Elon Musk responded “Yup” to a news tweet on Twitter that stated that the microblogging platform changed its policies because, regarding SMS-based 2FA, telcos used Bot accounts to pump 2FA SMS which saw Twitter lose $60M per year on scam SMS.
Twitter also noted that the availability of the text message 2FA for Twitter Blue may vary by country and carrier.
Investors King understands that Twitter has begun sending notifications to its users asking them to disable the text message 2FA from their accounts if they don’t want to lose access to their accounts. “To avoid losing access to Twitter, remove text message two-factor authentication by March 19, 2023”, the company wrote in a blog post.