Twitter to charge for text-based two-factor authentication

If you are not a Blue member, you will soon have to utilise an authenticator app or a security key to use two-factor authentication on Twitter. Text-based 2FA is now available only to subscribers who pay for the website’s membership service. Non-Twitter Blue members can no longer activate it, but those who have already used it have until March 20th to deactivate it and use another sort of authentication. If they do not switch by that date, Twitter will simply deactivate their 2FA.

Twitter said in its statement that it made the move after seeing “phone-number-based 2FA being exploited — and abused — by nefarious actors.” Other opponents, however, are sceptical of Twitter’s answer, suggesting that the company’s true objective is to include SMS 2FA as one of the services available with its subscription service. A Blue membership, which costs between $8 and $11 per month or $84 per year, puts a checkmark next to the user’s name.

Whatever Twitter’s true goals are, most users who have two-factor authentication activated on the service may have to adjust their log-in habits. According to the company’s 2021 transparency report, 74.4 percent of consumers with 2FA-enabled use SMS. Just 28.9 percent utilise authenticators, and only 0.5 percent use security keys. Moreover, just 2.6 percent of all Twitter users activated two-factor authentication at the time, but this figure may have altered since then.

“We recommend non-Twitter Blue members to instead use an authenticating app or security key option,” the firm noted. “These techniques require you to have physical ownership of the authentication method and are an excellent approach to maintain the security of your account.”