More changes are afoot at Twitter. The most recent of these is the folding of a previously-available feature into the service’s Blue subscription service. Amazingly, there might actually be a good reason for that beyond ‘Elon makes money from it’.
According to the company’s Support account, regular users have until 20 March to enjoy getting their two-factor authentication (2FA) updates via SMS. After that, they’ll become the sole domain of folks who have subscribed to Blue.
The Twitter (two-)factor
Effective March 20, 2023, only Twitter Blue subscribers will be able to use text messages as their two-factor authentication method. Other accounts can use an authentication app or security key for 2FA. Learn more here:https://t.co/wnT9Vuwh5n
— Twitter Support (@TwitterSupport) February 18, 2023
The reason for the change, apparently, is that some users (the platform calls them “bad actors”) have used the SMS 2FA method in malicious ways. Just how two-factor authentication was being abused isn’t fully explained but it appears that scam SMS messages were costing Twitter up to $60 million a year. Again, how this actually worked isn’t fully explained. The upshot is that SMS authentication is going away unless you’re willing to pay each month for it.
If you’re already using SMS-based 2FA, you’ve got until 20 March to disable it and choose a new method. If you don’t, it’ll be disabled for you, and you’ll most likely be locked out of your account. We’re expecting some sort of outcry on the day because something new has broken on the micro-blogging platform. You could probably side-step it but where’s the fun in that?
“We encourage non-Twitter Blue subscribers to consider using an authentication app or security key method instead. These methods require you to have physical possession of the authentication method and are a great way to ensure your account is secure,” the company added.