Twitter 2.0 is evolving in ways that no one could have predicted. And this is mostly because the changes been made are bad, but maybe there’s a method to the madness that we’re missing.
Or perhaps not.
Elon and company have announced that SMS-based two-factor authentication will be discontinued for all non-Twitter Blue subscribers beginning next month.
According to a blog post on Twitter’s blog page:
“While historically a popular form of 2FA, unfortunately we have seen phone-number based 2FA be used – and abused – by bad actors. So starting today, we will no longer allow accounts to enroll in the text message/SMS method of 2FA unless they are Twitter Blue subscribers. The availability of text message 2FA for Twitter Blue may vary by country and carrier.”
This simply means that the most commonly used form of authentication used to keep your account safe from hacking, will now only be available to those willing to pay Twitter $8 per month.
“Non-Twitter Blue subscribers that are already enrolled will have 30 days to disable this method and enroll in another. After 20 March 2023, we will no longer permit non-Twitter Blue subscribers to use text messages as a 2FA method. At that time, accounts with text message 2FA still enabled will have it disabled.”
You will now have to use an authentication app or security key to add a layer of security to your Twitter account. Both of which are less convenient. But Twitter seems to believe that bad actors are too easily able to abuse the current process.
So it’s cutting them off, along with the many millions of people who aren’t misusing it.
How To Protect Your Twitter Account Without Having To Pay $8
The silver lining, if we can call it that, is that Twitter isn’t scrapping 2FA altogether. You can still protect your account with a safer and stronger 2FA method without paying Elon Musk a dime.
Instead of using text-based 2FA codes, you should use app-based 2FA, which is far more secure and as fast as receiving a text message. Instead of receiving a code via text message, you can generate one using an authenticator app on your phone, such as Duo, Authy, or Google Authenticator, to name a few.
Because the code never leaves your device, this is far more secure.
How To Set Up App-Based 2FA
To set up app-based 2FA on twitter, first make sure you have your authenticator app installed on your phone. Go to your Twitter account, then follow the following steps:
- Go to Settings and privacy, then Security and account access
- Click on the Security option
- Once you’re on the Two-factor authentication settings, select Authentication app
- Follow the prompts carefully, you may have to enter your account password to get started
A point to note is, if you happen to lose your phone it can be very difficult to get back into your account. That’s why you should keep a record of your backup codes, which allow you to gain access to your account if you are locked out, safely stored in your password manager.
You can find your backup codes in the same place you set up your app-based 2FA.