Twitter will no longer make two-factor authentication (2FA) via SMS free for its users. This feature will be exclusive to Twitter Blue subscribers, and users who don't want to pay will have to think of other solutions to secure their accounts.
In its official announcement, Twitter said that only Twitter Blue customers who already pay per month on Android and iOS will be able to use SMS-based 2FA.
Users who don't want to switch to another authentication method are given until March 20, 2023 to disable the 2FA feature via SMS from their account. After that date, Twitter will disable the feature on accounts of users who are not subscribed to Twitter Blue.
Twitter users can still log in without 2FA, as long as they have a username and password. But 2FA is an additional layer of security to secure accounts, especially if your Twitter account has an easy-to-guess password.
Twitter argues that 2FA via SMS can be abused by irresponsible people, for example hackers who carry out SIM swap attacks. But 2FA via SMS still provides stronger protection than not activating 2FA at all.
Advertisements
Fortunately, Twitter still has other methods than 2FA via SMS to secure user accounts. Twitter users who don't want to subscribe to Twitter Blue can still protect their accounts using strong 2FA in the following ways:
Authenticator application
Apart from getting a 2FA code via SMS, you can also get a similar code using an authenticator application. There are currently many apps and services that can generate 2FA codes directly on your phone, such as Google Authenticator, Microsoft Authenticator, Authy, or Duo.
This method is more secure because the code is actually generated on your phone and it will disappear automatically after a while. Not only for Twitter, the authenticator application can also be used to generate 2FA codes for other applications.
To use this method, first you have to install the authenticator app on your phone. After that, open the Twitter application, tap your account profile photo, and enter the Settings & Support menu.
After that select the Settings and privacy menu, then select the option 'Security and account access. Then select the Security option and enter the two-factor authentication settings.
Then select the Authentication app option by clicking the toggle provided. Follow the on-screen instructions carefully, and you may be asked to enter your Twitter account password to continue with the process. When finished, you can log in using a password, then enter the code displayed by the authenticator application.
Backup code
Apart from using 2FA codes, you can also use backup codes to strengthen your Twitter login. This method can be an alternative if you can't access the cellphone that contains the authenticator application.
It should be noted that if your cellphone containing the authenticator application is lost, then you can lose access to all accounts. Moreover, there are still many authenticator applications that do not have a cloud backup feature, including Google Authenticator.
Because of this, it's a good idea to save your Twitter backup code in a safe place, such as a password manager, so you can log in again without the 2FA code. You can find the backup code in the same settings as 2FA on the Twitter app.