Twitter’s 2FA changeover deadline has arrived, and free users must ditch text-based two-factor authentication unless they pay for Twitter Blue.
In February, Twitter stated that it was making a major change to the way it handles two-factor security for accounts.
Twitter said: “After March 20, 2023, we will no longer allow non-subscribers of Twitter Blue to use text messages as a 2FA method.”
“At that point, accounts with 2FA enabled via text will have it disabled.”
Unusually, it had decided to remove text-based two-factor authentication for all users except those willing to pay for the Twitter Blue subscription.
Twitter gave users until March 19 to move away from its SMS-based system in favor of others, including using an authenticator app.
Starting today, non-Twitter Blue subscribers will find that the text-based 2FA system for their accounts will be automatically disabled.
Instead, users will find that they are only protected by their password, unless they are proactive and switch to a different system.
Twitter 2FA Notice of Changes.
According to Twitter, text-based 2FA could be “used and abused by bad actors”. However, the move is confusing, as it simultaneously claims that SMS 2FA is weak while allowing users willing to pay for the Twitter Blue subscription to use the supposedly low-security authentication option.
The process of changing the 2FA method is straightforward, especially if you’re using an authenticator app like Google Authenticator and the prompt is presented to you in a browser.
- After clicking Get Started, users need to enter their account password and then click Confirm.
- In the window that is titled “Do you want to disable two-factor authentication?” click Disable.
- You will then be prompted to choose your new verification method. If you have a security key, select that option and follow the instructions; otherwise, select Authenticator app.
- Then click Next followed by Get Started.
- A QR code will be displayed on the screen, which can be scanned within the authenticator app to add it to the app’s list. Click Next after completing that action.
To double check, Twitter will ask you to enter the six-digit authentication code generated by the authenticator app.
After that, you will be offered a one-time backup code, in case the authenticator app fails.
If the prompt isn’t available, you can access the options to change two-factor authentication within your account settings, under Security & account access, followed by Two-factor authentication.
Twitter’s 2FA Changes Take Effect Today: Are You Prepared?
Starting today, March 20, 2023, free Twitter users who haven’t migrated to app-based two-factor authentication (2FA) will lose the extra protection of SMS.
This move is part of the platform’s enhanced security strategy, as text-based 2FA is vulnerable to phishing attacks and spoofing.
Why is Twitter making this change to two-factor authentication?
Twitter has chosen to remove text-based two-factor authentication to prevent exploitation by cybercriminals.
SMS is more vulnerable to interception and can be used by attackers to gain access to the user’s account.
Therefore, Twitter has taken steps to disable text-based 2FA and urged users to switch to an authenticator app to keep their account secure.
How to set up your Twitter account for two-factor authentication?
Although we know that the switch period is limited, here are the steps to follow to switch to an authenticator application:
- Sign in to your Twitter account.
- Go to Settings and privacy.
- Click Security and account access.
- Select Two Factor Authentication.
- Select Authenticator App and click Next.
- Follow the instructions on the screen to set up the authenticator app.
If you already have a security key, you can select that option and follow the instructions on the screen to set it up.
Once two-factor authentication is set up, you’ll be prompted to enter a six-digit authentication code each time you sign in to your Twitter account.
What happens if you don’t update your two-factor authentication on Twitter?
If you don’t update your two-factor authentication by today, your text-based 2FA will likely be automatically disabled, leaving you protected only by your password.
This means that your account will be at higher risk of being hacked by cybercriminals. Therefore, it is important that you update your two-factor authentication as soon as possible to ensure the security of your account.
Why is Twitter Blue an exception to this change in two-factor authentication?
Twitter Blue is a premium Twitter subscription that offers a number of exclusive features, including the option to use text-based two-factor authentication.
This has generated some criticism and confusion, as Twitter claims that text-based 2FA is weak and not secure, but still allows users to pay for this option.
In short, if you’re a free user of Twitter, it’s important that you update your two-factor authentication by today, March 20, to keep your account safe, even though we know the time frame for this is limited.
Follow the steps above to switch to app-based two-factor authentication and enjoy the peace of mind that comes with this added protection.