Only paid members will be able to use text texts as a two-factor authentication (2FA) technique to secure their accounts, Twitter announced on Friday.
Only Twitter Blue subscribers will be allowed to use text texts as their two-factor authentication method after March 20, the company announced in a tweet.
Two-factor authentication, designed to increase account security, necessitates the usage of a second authentication method in addition to a password by the account holder. Twitter supports 2FA with a security key, an authentication app, and text messages.
To be clear, two-factor authentication is still not required to log into Twitter, although we highly encourage users to enable it. This change just restricts the 2FA methods available for accounts not subscribed to Twitter Blue.
— Support (@Support) February 18, 2023
According to a blog post on Wednesday that the business’s tweet linked to, the company thinks “bad actors” are abusing phone-number-based 2FA.
In response to a user tweet that the company was changing policy “because Telcos Using Bot Accounts to Pump 2FA SMS” and that the company was losing $60 million a year “on scam SMS,” Twitter owner Elon Musk tweeted “Yup.”
The blue checkmark, which was previously only available to verified accounts of public figures like journalists, legislators, and other well-known people, is now available to anyone willing to pay.
