scorecard
  1. Home
  2. tech
  3. news
  4. Why Twitter's SMS 2-factor authentication is changing — and how can you keep your account secure without paying to subscribe

Why Twitter's SMS 2-factor authentication is changing — and how can you keep your account secure without paying to subscribe

Beatrice Nolan   

Why Twitter's SMS 2-factor authentication is changing — and how can you keep your account secure without paying to subscribe
Tech2 min read
  • Twitter is changing its rules around text-message authentication.
  • It recently announced it would restrict SMS two-factor authentication to Twitter Blue subscribers.

Twitter is changing its rules around SMS two-factor authentication.

The company announced last week that it would restrict the authentication method to users who subscribe to Twitter Blue. In a blog post published Wednesday, the company said the system was being "used — and abused — by bad actors."

Twitter's owner, Elon Musk, last year introduced Twitter Blue, which has a monthly fee of $11 for iOS or Android devices, apparently in an attempt to boost the company's revenue.

Musk completed his $44 billion acquisition of Twitter in October, after spending months trying to back out of the deal. Since then, he's been trying to slash operating costs and raise revenue. Thousands of staffers have been laid off, and hundreds of surplus office supplies have been auctioned off.

The new authentication policy doesn't come into effect until March 20, at which point Twitter says it will disable two-factor authentication for nonsubscribers. Fortunately, there are other authentication methods nonsubscribers can switch to.

Here's how to secure your Twitter account without paying up for Twitter Blue.

Authenticator app

Apps such as Google Authenticator or Microsoft Authenticator are a free way to add an extra layer of security to your account.

Instead of sending a user a text message with a code, the apps generate one-time codes the user can enter when they log into an account after entering their username and password.

Beyond Google's and Microsoft's offerings, popular options include Authy, Duo Mobile, and 1Password.

Security key

A security key also generates a code for a user to enter — but unlike an authentication app, it's a physical device.

Users typically plug these keys into a computer or connect them to their phone while logging into an account. They're a very secure form of authentication because a hacker would need to physically have the key to log into an account.

How to update your account

Twitter users can add a security key or an authenticator app to their account through the desktop version of Twitter.

Under "settings and support," navigate to the "settings and privacy" menu to "security and account access," then to "security," and finally to "two-factor authentication." Here, users should be able to select either a security key or an authentication app. Twitter will need the user's email address to enable this.


Advertisement

Advertisement