Today is the final day to switch from Twitter’s SMS two-factor authentication (2FA) method. After March 20th, Twitter’s text message-based 2FA will be only accessible behind its $8 per month Blue paywall.
Your account’s 2FA will be completely turned off if you fail to switch from SMS verification or pay for Blue before the deadline, which will make your account vulnerable to hacking. However, you can still use an authenticator app like Google Authenticator or Authy to enable 2FA for free. Alternatively, you can use a security key, but this requires purchasing a physical piece of hardware.
Twitter is introducing a fee for SMS 2FA because it is the least secure method of authentication. Although this decision may seem contradictory, it is intended to discourage non-subscribers from using this method, as it is susceptible to an attack called SIM swapping.
SIM swapping occurs when a malicious actor employs social engineering or other methods to persuade your mobile carrier to transfer your phone number to their device. This enables them to intercept text messages, including SMS 2FA codes, which may give them access to your accounts.
While it may seem inconvenient to download and register for an authenticator app, setting up an alternate 2FA method on Twitter is a relatively straightforward process and shouldn’t take long to activate.
