Recently Twitter is already getting lots of controversies. In an unexpected move, Twitter announced on February 15, 2023, that it would charge users for using its SMS-based two-factor authentication service. The announcement caught many users off guard. Two-factor authentication has become a widely adopted security measure to protect online accounts from unauthorized access. While Twitter has assured users that it will continue to offer other forms of two-factor authentication for free, the decision to charge for SMS-based authentication has sparked controversy and concern among users.
Table of Contents
Twitter SMS-based Two-factor Authentication Users have to Pay
Twitter has stated that it will discontinue providing free SMS-based two-factor authentication (2FA) and limit the use of this less secure 2FA method to Twitter Blue subscribers. The response to this decision has been mixed, with some users expressing outrage while others view it positively.
This article will examine the factors that led to Twitter’s choice to make SMS 2FA a paid feature and the consequences for users. Additionally, we will explore other options accessible to users, including physical security keys and authentication apps.
Why is Twitter Charging for SMS 2FA?
Good riddance to SMS is my feeling, given how shared SIM swap hacks are these days. You don’t want someone to get access to your accounts by proving they are you simply because they’ve stolen your phone number. Heck, Twitter’s own Jack Dorsey was successfully targeted by the technique four years ago.
As Rachel Tobac points out, Twitter’s transparency data shows that only 2.6 percent of Twitter users had 2FA turned, and 74 percent used SMS as their 2FA method. Many users relied on SMS 2FA, the least secure form of 2FA. SMS 2FA is vulnerable to SIM swapping attacks, where hackers steal your phone number and use it to access your accounts.
Twitter’s decision to charge for SMS 2FA is an attempt to incentivize users to switch to a more secure form of 2FA. The company encourages users to subscribe to Twitter Blue or use an authenticator app. You can also try physical security keys, which are far more reliable and secure.
What are the Alternatives to SMS 2FA?
Several alternatives are available to users who want to secure their Twitter accounts. These include:
- Authenticator apps – Authenticator apps generate one-time codes that you can use to authenticate your login. Examples of authenticator apps include Google Authenticator, Authy, and Microsoft Authenticator.
- Physical security keys – A physical security key is a small USB device that you insert into your computer or mobile. It can authenticate your login. Examples of physical security keys include Yubikey and Titan Security Key.
- Twitter Blue – Twitter Blue is a subscription service that includes several features, such as an undo tweet button and a reader mode. Subscribers to Twitter Blue will also get access to SMS 2FA.
It’s worth noting that authenticator apps and physical security keys are more secure than SMS 2FA. They are not vulnerable to SIM swapping attacks and provide an additional layer of security to your accounts.
What is the Impact of Twitter’s Decision?
Twitter’s decision to charge for SMS 2FA will impact users unwilling to pay for Twitter Blue or switch to a more secure form of 2FA. After March 20, 2023, Twitter will turn off your SMS 2FA if you don’t start paying for Twitter Blue or switch to a more reliable 2FA method.
This means that users relying on SMS 2FA will need to either subscribe to Twitter Blue. Also, they can switch to an alternative form of 2FA. Although it might be inconvenient, it is essential to safeguard your accounts against SIM-swapping assaults.
Is two-factor authentication mandatory for Twitter accounts?
No, two-factor authentication is not compulsory for Twitter accounts. However, Twitter strongly encourages users to enable it for better security.
What are the alternatives to SMS-based two-factor authentication on Twitter?
Twitter Blue subscribers can still use SMS-based two-factor authentication, but it is not recommended. A better option is to use an authenticator app. You can also use a physical security key for two-factor authentication, which is more secure and reliable.
Why is SMS-based two-factor authentication less secure?
2FA, which relies on SMS, is less confident due to its susceptibility to SIM swap attacks. Such attacks occur when a perpetrator tricks a phone carrier. Mobile operators may transfer the victim’s phone number to the perpetrator’s SIM card. Consequently, the perpetrator receives the SMS verification code and can gain entry into the victim’s account.
Twitter’s choice to make SMS-based two-factor authentication a paid feature is a positive move towards enhanced security. It may inconvenience some users. The alternative options of using an authenticator app or a physical security key are much more secure and reliable. We can avoid SIM swap attacks and other account hacking. It’s more important than ever to take your online security seriously. So if you haven’t already, consider enabling two-factor authentication on your Twitter account, and choose a more secure method than SMS-based authentication.
Selva Ganesh is the Chief Editor of this Blog. He is a Computer Science Engineer, An experienced Android Developer, Professional Blogger with 8+ years in the field. He completed courses about Google News Initiative. He runs Android Infotech which offers Problem Solving Articles around the globe.