Twitter's SMS two-factor authentication is now a paid feature

Jimmy2x

Jimmy2x

Posts: 238   +29
Staff
Why it matters: Twitter has traditionally provided users three methods to secure accounts using two-factor authentication (2FA). One of the most popular, for both users and malicious actors alike, is the SMS-based 2FA option. Twitter is now making SMS-based authentication available exclusively to its Twitter Blue subscribers to curb the rising number of SMS-based 2FA exploits.

Twitter announced the change on its official blog earlier this week, citing its commitment to user security as the driving force behind the decision. According to the post and Twitter's account security data, SMS-based 2FA-secured accounts are the most susceptible to unintentional access by malicious actors.

The removal of SMS-based 2FA on unpaid accounts went into effect at the time of the announcement on Wednesday, February 15th. Non-subscribers using SMS-based 2FA will have 30 days to disable the authentication method and enroll in one of the other available options. Failure to switch to any of the remaining free 2FA options will leave the account more vulnerable than those secured by other methods.

The decision was met with a mix of responses from Twitter's user base. Some users have applauded Twitter's move away from SMS-based 2FA, reiterating that it is a positive step in account security measures. Even some Musk detractors see the move as a favorable one.

As expected, there's no shortage of feedback citing the move as an infringement on user rights or a pure cash grab by Twitter's new CEO. Some negative feedback even goes as far as to inaccurately cite what the decision means, instead incorrectly stating that Twitter has removed all 2FA options for non-subscribers.

Twitter's SMS woes aren't exactly a new problem. In 2019 the social media giant suspended the ability to tweet via SMS after hackers got into former CEO Jack Dorsey's profile. They gained access by exploiting Twitter's Cloudhopper SMS service, then tweeted racially charged statements and antisemitic messages.

It's unclear how a less-secure authentication method has become a paid feature of Twitter's Blue subscription model to limit its use. Chances are some users will pay the price solely for the convenience of SMS-based authentication. Twitter users that do not wish to subscribe to Twitter Blue can find more information on available alternatives via Twitter's Help Center.

Permalink to story.

https://www.techspot.com/news/97658-twitter-sms-two-factor-authentication-now-paid-feature.html

 
“According to the post and Twitter's account security data, SMS-based 2FA-secured accounts are the most susceptible to unintentional access by malicious actors”

Not sure how being a $8 subscriber helps here then, you’re paying for the privilege of being in a group more frequently targeted?

Big ‘stripping the copper out of the walls to pay the bills’ energy coming out of Twitter recently
 
  • Like
Reactions: Kourgath223
Jimmy2x said:
It's unclear how a less-secure authentication method has become a paid feature of Twitter's Blue subscription model to limit its use.
Click to expand...
Enaks said:
“According to the post and Twitter's account security data, SMS-based 2FA-secured accounts are the most susceptible to unintentional access by malicious actors”

Not sure how being a $8 subscriber helps here then, you’re paying for the privilege of being in a group more frequently targeted?

Big ‘stripping the copper out of the walls to pay the bills’ energy coming out of Twitter recently
Click to expand...
It’s clear to me as a fan of Elon Musk that this is a cost cutting measure. That said, this will probably mostly improve security against state actors.
 
gigantor21 said:
Elon has no way of paying down that debt, does he?
Click to expand...
Sure he does. He just has to sell more Tesla stock. Every time he sells a billion dollars worth of Tesla stock it actually costs him two billion, because he sink the value of Tesla every time he sells therefore lowering his own wealth in the process. It's very exciting.

He should buy a few more useless money pit companies that have no way of making a profit.
 
Kashim said:
Sure he does. He just has to sell more Tesla stock. Every time he sells a billion dollars worth of Tesla stock it actually costs him two billion, because he sink the value of Tesla every time he sells therefore lowering his own wealth in the process. It's very exciting.

He should buy a few more useless money pit companies that have no way of making a profit.
Click to expand...

I like the way you think.
 
m4a4 said:
Easy, you read the article.
Click to expand...

I’ve read the article, removing this particular form of 2FA doesn’t ‘make things better’. The entire notion is counterintuitive.

Twitter are saying ‘SMS 2FA is less secure but pay us $8 and you can have it’, while at the same time removing that 2FA authentication method from regular users (any type of 2FA is better than ‘none’).

The concept is just daft, if Twitter really believe it’s less secure, remove it entirely.
 
  • Like
Reactions: axiomatic13, wiyosaya, nnguy2 and 1 other person
Enaks said:
I’ve read the article, removing this particular form of 2FA doesn’t ‘make things better’. The entire notion is counterintuitive.

Twitter are saying ‘SMS 2FA is less secure but pay us $8 and you can have it’, while at the same time removing that 2FA authentication method from regular users (any type of 2FA is better than ‘none’).

The concept is just daft, if Twitter really believe it’s less secure, remove it entirely.
Click to expand...
You gave no context, implying they're removing all 2FA.

If Twitter wants to deal with (aka waste time and money on) the accounts that no longer will have 2FA or are easily gamed by SMS 2FA, then let them. In theory, people that care will just switch to an authenticator. But it's not like most people have an account worth taking...
 
  • Like
Reactions: Burty117
m4a4 said:
You gave no context, implying they're removing all 2FA.

If Twitter wants to deal with (aka waste time and money on) the accounts that no longer will have 2FA or are easily gamed by SMS 2FA, then let them. In theory, people that care will just switch to an authenticator. But it's not like most people have an account worth taking...
Click to expand...

Right, so you post ‘read the article’, when you clearly didn’t even manage the headline?

“Twitter's ***SMS*** two-factor authentication is now a paid feature”
 
  • Like
Reactions: axiomatic13 and wiyosaya
Enaks said:
Right, so you post ‘read the article’, when you clearly didn’t even manage the headline?

“Twitter's ***SMS*** two-factor authentication is now a paid feature”
Click to expand...
Let's re-examine your original comment:
Enaks said:
How does removing 2FA ‘make things better’?
Click to expand...
Without context, your comment sounds like you're implying they're removing all 2FA (a common misunderstanding even mentioned in the article).
Jimmy2x said:
Some negative feedback even goes as far as to inaccurately cite what the decision means, instead incorrectly stating that Twitter has removed all 2FA options for non-subscribers.
Click to expand...


Anyways, I can't tell if you're just being disingenuous at this point, but my point is just be more specific next time.
 
  • Like
Reactions: Burty117
Enaks said:
“According to the post and Twitter's account security data, SMS-based 2FA-secured accounts are the most susceptible to unintentional access by malicious actors”

Not sure how being a $8 subscriber helps here then, you’re paying for the privilege of being in a group more frequently targeted?

Big ‘stripping the copper out of the walls to pay the bills’ energy coming out of Twitter recently
Click to expand...
I think it's more like they were planning on removing the feature all together for security reasons, but decided that keeping the feature for only paying users would somehow attract new customers. If for some bizarre reason this actually works and the majority of twitter users now pay 8 usd a month for it, users now have a "premium" security risk.
 
  • Like
Reactions: wiyosaya
Told ya in a old post that Musk will kill twitter, and Zucker' will kill facebook ... a big win for humankind's intellect as a whole ! mark my words, they'll kill those 2 things... and everyday they keep proving me that I may be right... ahahah
 
  • Like
Reactions: wiyosaya and AxelAminoff
I'm still hoping Musk's long-term plan was to sabotage Twitter so badly that its beyond saving. He'd just need to find someone stupid enough to buy it after the fuse is already lit.
 
  • Like
Reactions: wiyosaya
I think Twitter is beyond saving, and Musk may end up selling it for a fraction of what he paid. But who in their right mind would buy a "business" that bleeds these insane amounts of cash? Musk's leadership of Twitter also affects his other businesses. I am for sure not the only person who has been turned off from potentially buying a Tesla after seeing what a thin-skinned little ***** he actually is and his far-right sympathies. I will definitely choose another electric vehicle brand when the time comes.
 
  • Like
Reactions: axiomatic13 and wiyosaya
psycros said:
I'm still hoping Musk's long-term plan was to sabotage Twitter so badly that its beyond saving. He'd just need to find someone stupid enough to buy it after the fuse is already lit.
Click to expand...
What? Musk can do no wrong. He's a genius! And his billions and billions emphasize that fact. /s

Translation: he will sabotage it without knowing he's sabotaging it. His ego is too big to allow him to realize that he is doing anything wrong. :laughing: 🤣
 
  • Like
Reactions: axiomatic13
You must log in or register to reply here.

Similar threads

Daniel Sims
Google is testing a feature that holds customer service calls for you until a human representative...
Replies
10
Views
352
Underdog
Underdog
Daniel Sims
Threads appears to be winning the Twitter succession war
Replies
17
Views
406
toooooot
T
midian182
Number of data breaches falls globally, triples in the US
Replies
11
Views
241
dangh
dangh

Latest posts

Back