Twitter says only Blue subscribers will be able to use SMS-based 2FA after March 20, 2023; all users can use an authenticator app or a physical security key
In fact, if you don't start paying for Twitter Blue ($8 a month on Android; $11 a month on iOS) or switch your account to use a far …
The Verge Sean Hollister
Related Coverage
- Twitter's Decision to Limit SMS 2FA is Dangerous Ricky Mondello
- Twitter's Two-Factor Authentication Change 'Doesn't Make Sense' Wired · Lily Hay Newman
- Setting up iOS's two-factor authentication for Twitter Six Colors · Dan Moren
- Twitter will allow using the SMS-based two-factor authentication (2FA) only to its Blue subscribers Security Affairs · Pierluigi Paganini
- How to keep your Twitter secure without giving Elon Musk any money TechCrunch · Zack Whittaker
- Tweet security: Twitter to offer paying subscribers two-factor authentication WRAL TechWire · Rick Smith
- Twitter Blue — Twitter Blue: What You Need to Know About Twitter's Paid Subscription Service BreakingNews's Substack
- Twitter to charge for a basic security feature that costs nothing on other platforms Android Central · Jay Bonggolto
- Twitter disables SMS Two-Factor Authentication for most users on March 20, 2023 gHacks Technology News · Martin Brinkmann
- Elon Musk Justifies The 2FA Change CoinGape · Divya Sinha
- Twitter just made an important safety feature subscriber-only. Here's what it means for you Toronto Star · Santiago Arias Orozco
- Twitterati slam Musk for allowing 2-factor authentication only for Blue users International Business Times
- How To Switch Twitter 2FA From SMS To An App SlashGear · Nadeem Sarwar
- Twitter to Charge for SMS-Based 2FA Thurrott · Paul Thurrott
- Twitter will limit uses of SMS 2-factor authentication. What does this mean for users? NPR · Jaclyn Diaz
- Twitter makes SMS two-factor authentication exclusive to Twitter Blue users TechRadar
- Twitter's text-based two-factor authentication becomes a paid-only feature AppleInsider · Malcolm Owen
- SMS-Based 2FA Will Be Limited to Twitter Blue Users HackRead · Habiba Rashid
- Only Twitter Blue Subscribers Can Now Use SMS 2-Factor Authentication iPhone in Canada Blog · Nehal Malik
- Now is a good time to stop using insecure SMS 2-factor authentication for Twitter (and everything else) Reclaim The Net · Rick Findlay
- Non-Twitter Blue subscribers have one month left to use SMS as 2FA on Twitter Neowin · Fiza Ali
- Twitter to charge users for SMS two-factor authentication Mashable
- Twitter two factor authentication: The changes to rules for text messages, explained The i Paper · Jaymi McCann
- Twitter Announces It Will Now Charge Users for Text-Based Two-Factor Authentication IGN · Adam Bankhurst
- Twitter will charge users for SMS two-factor authentication BGR · Andy Meek
- Elon Musk's Twitter Will Start Charging You to Verify Logins Using Text Messages Variety · Todd Spangler
- Twitter Makes SMS Two-Factor Authentication a ‘Premium’ Feature Appuals.com · Farhan Ali
- Twitter to Charge for SMS Two-Factor Authentication CNET · Queenie Wong
- Twitter to remove two-factor text authentication from accounts that don't subscribe to Twitter Blue The Apple Post · Tom Sykes
- Twitter will reserve text-message authentication for Twitter Blue subscribers because it's being ‘abused’ by ‘bad actors’ Insider · Stephanie Stacey
- Twitter Gets Criticized For Removing Important Security Feature Game Rant · Trumann Tu
- Twitter is going to make you pay for some elements of 2FA — act now to secure your account for free! BetaNews · Sofia Wyciślik-Wilson
- Twitter to charge users to secure accounts via text message Reuters
- Twitter Limits SMS-Based 2-Factor Authentication to Blue Subscribers Only The Hacker News
- Twitter is making text-based two-factor authentication a paid feature Engadget · Mariella Moon
- Twitter Takes Away Text Message Two-Factor Authentication From Non-Blue Users Inc42 Media · Hemant Kashyap
- Twitter will remove high-security login method from your account if you're not paying for Blue Techlusive · Shubham Verma
- Twitter to charge for security... losers, or: pay to be more hackable Pocketables · Paul E King
- Twitter's Making SMS Two-Factor Authentication a Twitter Blue Exclusive Feature Social Media Today · Andrew Hutchinson
- Elon Musk's Twitter to charge users for securing account via text message Livemint · Neha Saini
- Twitter to charge for SMS-based two-factor authentication - How to use Google Authenticator instead 9to5Google · Ben Schoon
- Twitter Limits SMS-Based 2FA to Twitter Blue Members PCMag · Chloe Albanesius
- Twitter Drops SMS-Based Two-Factor Authentication for Unpaying Accounts, Effective March 20 Pixel Envy · Nick Heer
- If the person(s) who wrote this announcement are actually in charge of security at Twitter, I guarantee that there are already several state-sponsored threat actors making themselves at home inside Twitter's systems- … @DataDrivenMD@fedified.com · Dr. Jorge Caballero
- I'm completely baffled by this. #Twitter is ditching SMS codes for MFA ostensibly because it's easily abused...but is letting its paying customers continue to use the feature they also said was insecure? … @maxeddy@infosec.exchange
Discussion
-
Twitter
Twitter
on x
An update on two-factor authentication using SMS on Twitter
-
Twitter Help Center
Twitter Help Center
on x
How to use two-factor authentication
-
@couts@mastodon.social
Andrew Couts
on mastodon
Here's Twitter's announcement about the end of SMS 2FA for non-Blue users. Authentication apps and security keys will still be an option for multi-factor authentication for people who don't want to pay Musk $8—and they're arguably better options than SMS 2FA. …
-
@dangillmor@mastodon.social
Dan Gillmor
on mastodon
Twitter should end SMS 2FA for everyone. It is crappy security. Hardware keys are best, authenticator apps less good. But SMS is a dumpster fire. — What I don't understand is why the company is charging for something inferior, or why anyone would pay to use it. …
-
@twittersupport
@twittersupport
on x
Effective March 20, 2023, only Twitter Blue subscribers will be able to use text messages as their two-factor authentication method. Other accounts can use an authentication app or security key for 2FA. Learn more here: https://blog.twitter.com/...
-
@racheltobac
Rachel Tobac
on x
This Twitter 2FA change is nerve-racking because: 1. Only ~2.6% of Twitter users have 2FA on at all (it's essential for preventing easy account takeover) Of those 2.6%, 74% use text message based 2FA (https://transparency.twitter.com/ ...) If they don't pay for Blue they auto los…
-
@tomaxwell
Thomas Maxwell
on x
lol i just got this alert on desktop https://twitter.com/...
-
@zoeschiffer
Zoë Schiffer
on x
Sources: Twitter plans to unveil a new policy that only Blue subscribers will be able to use SMS-based two-factor authentication
-
@mikeisaac
Rat King
on x
this is maybe the worst idea in a monthslong campaign of enormous missteps both intentional and unintentional? https://twitter.com/...
-
@jsrailton
John Scott-Railton
on x
Twitter about to give hackers a huge gift.... ... by *REMOVING text message authentication* for non paying accounts. Yes, there are better forms of #2FA. But this is blackmail. Expect waves of takeovers as hackers run through password dumps. 1/ https://blog.twitter.com/... https:…
-
@blgtylr
Brandon
on x
Blue Check going from Calvinism to Catholicism is kind of giving the Early Modern Drama I lowkey live for. https://twitter.com/...
-
@tomaxwell
Thomas Maxwell
on x
Next up you can only change your password once annually unless you have Twitter Blue https://twitter.com/...
-
@iancoldwater
Ian Coldwater
on x
normally I'm on team “better than nothing,” but this is a great time to tell the non-security professionals in your life that SMS is the least secure form of 2FA. use an authenticator app or a physical hardware key instead, and don't give this clown money to make security worse! …
-
@practicaltas
Andrew Nestico
on x
This is the stupidest fucking possible change I've ever heard of. Literally could not have imagined Twitter trying this. What the actual fuck. https://twitter.com/...
-
@billkuchman
Bill Kuchman
on x
“Give us $8 or we'll make your account less secure” is a wild customer service move. https://twitter.com/...
-
@vanbadham
Van Badham
on x
I would literally pay $800 at this point to never hear the name “Elon Musk” again. https://twitter.com/...
-
@kurtwagner8
Kurt Wagner
on x
The desperation to get people to pay for Twitter Blue is wild https://twitter.com/...
-
@mikeisaac
@mikeisaac
on x
i cannot imagine a competent security engineer on staff who would sign off on this if it actually is implemented i HOPE they still allow outside 2-factor apps like Google Authenticator but this is just wild if that's not the case
-
@modernistwitch
JJ Skolnik
on x
app-based 2fa is more secure anyway but unclear whether that'll also be affected. a good time to switch regardless. anyway wow this is terrible https://twitter.com/...
-
@dancow
Dan Nguyen
on x
Alright credit where credit's due: making 2-factor auth a paid feature is an idea so comically stupid that it's likely no one else has even imagined it to be possible 🫡 https://twitter.com/...
-
@ketanj0
Ketan Joshi
on x
Why is he making the least secure 2fa method paid?? https://twitter.com/...
-
@kevincollier
Kevin Collier
on x
And it's official: Twitter users can now choose to be less secure — to use text messages for 2FA rather than an app — but only if they pay the monthly fee. You pay for insecurity. The weirdest security decision I've ever seen from a major tech company. https://blog.twitter.com/..…
-
@themckenziest
Lauren McKenzie
on x
Coming soon: only Twitter Blue users will be able to reply to tweets https://twitter.com/...
-
@carnage4life
Dare Obasanjo
on x
That's one way to lower the SMS bill. 💀 https://twitter.com/...
-
@arawnsley
Adam Rawnsley
on x
Gee, I wonder what the impact will be when Twitter dumps the 99 percent of users who don't subscribe to Blue from the most convenient form of Two Factor will be. https://twitter.com/...
-
@evacide
Eva
on x
This is extremely dumb and it hurts me. Obviously, the right move here is to switch to an authentication app or a security key for your 2FA, but I suspect that most people will just turn 2FA off. https://blog.twitter.com/...
-
@goldman
Jason Goldman
on x
We continue to be committed ... just demonstrably less committed than before. https://twitter.com/... https://twitter.com/...
-
@edzitron
Ed Zitron
on x
Elon fundamentally does not understand free services, and perceives anything that costs Twitter money as something the user should pay for. The master of business is conducting his symphony https://twitter.com/...
-
@lolennui
@lolennui
on x
bro we are not giving you $8, let it go https://twitter.com/...
-
@damanr
Daman Rangoola
on x
While this is a pretty bad way to force it, a PSA to not use SMS 2FA anyway. Download Google Authenticator or Authy and transfer all your 2FA to that — it's much more secure https://twitter.com/...
-
@d4vsanchez
@d4vsanchez
on x
Nice! I ain't paying for that. https://twitter.com/...
-
@digiphile
Alex Howard
on x
If true, this is immoral. MFA/2FA protects the security & privacy of consumers & corporations & should be free to all, never a feature we must pay for! @twitter should immediately abandon this @policy, which I bet it did not submit to the @FTC for review under the consent decree.…
-
@asharangappa_
Ashley Rangappa
on x
Extorting users for the $8 now https://twitter.com/...
-
@flitteronfraud
Emily Flitter
on x
Am I wrong or is this the equivalent of saying 'nice Twitter account you got going there. Be a shame if something were to happen to it..." https://twitter.com/...
-
@ow
Owen Williams
on x
someone just found the Twilio bill and lost it when they saw it's costing $1m/month to log people in, guarantee it https://twitter.com/...
-
@helenkennedy
Helen Kennedy
on x
No other site charges you for password security. https://twitter.com/...
-
@nicoleperlroth
Nicole Perlroth
on x
So courageous of @elonmusk to wait for a Friday night to announce he's dismantling the most basic of security measures for anyone who doesn't pay $8 a month. Time to expand the @ftc Safeguards Rule to social media platforms. What a joke. 🤦🏼♀️ https://twitter.com/...
-
@dimensionmedia
David Bisset
on x
I've seen better ransom demands from international terrorists then this. https://twitter.com/...
-
@badastronomer
@badastronomer
on x
Holy crap this is official and true. The string of incredibly bad business decisions is beyond parody, beyond a joke. If your account is hacked and you aren't paying you'll be out of luck. All done. They can barely be roused to fix hacked accounts now as it is. https://twitter.co…
-
@zemotion
Jingna Zhang
on x
Gentle reminder that you should use 2FA AND a password manager. Please I beg you 🙏 https://twitter.com/...
-
@carnage4life
Dare Obasanjo
on x
Twitter is going to disable 2FA in a month unless you pay for Twitter Blue. Every product announcement from Twitter 2.0 sounds like a drunk joke or an intern's bad idea that shipped because everyone else had been fired. Real 🤡 💩 https://blog.twitter.com/...
-
@scottnover
Scott Nover
on x
Elon Musk hasn't introduced a single new product or feature since he took over Twitter in October. He has just poorly attempted to monetize every aspect of the service... including security features? in an eight buck a month subscription that, surprise, no one seems to want. http…
-
@summeranne
Summer Anne Burton
on x
I've seen a lot of subscription features and paywalls over the years but can't say I have *ever* seen a blackmail technique like “we'll make your account less secure if you don't pay us” & frankly it might be the embarrassingly desparate move that finally gets me off this site. h…
-
@mikeisaac
@mikeisaac
on x
i cant believe they did it this is clown shoes https://blog.twitter.com/...
-
@peteryared
Peter Yared
on x
@MikeIsaac Pay us or you will be phished
-
@atrupar
Aaron Rupar
on x
OLD: Everybody pays $8 for awesome new features, bells and whistles, & the best Twitter experience ever! NEW: Pay $11 or your account gets hacked, jerkface https://twitter.com/...
-
@nikillinit
Nikhil Krishnan
on x
Now I'm wondering how much money twilio makes in sms based 2FA lol https://twitter.com/...
-
@mgsiegler
M.G. Siegler
on x
Yeah. This is bullshit. https://twitter.com/...
-
@ivycomb
@ivycomb
on x
Hey, technology expert here. This is what we call in the industry “gross incompetence” Imagine locking the *worst* type of Two Factor authentication behind a paywall lmao https://twitter.com/...
-
@felixclc_
@felixclc_
on x
So Blue subscribers get the worse type of 2FA? https://twitter.com/...
-
@ericaschner
Eric Aschner
on x
I think I have a pretty good idea what happened with the SMS decision yesterday. Some people are mentioning Elon talked about fraud creating high costs for SMS 2FA. (Account security via login codes sent to your phone.) This is known as Toll Fraud and is nothing new. 1/14
-
@matthew_d_green
Matthew Green
on x
Per @RachelTobac: 75% of Twitter 2FA users are using SMS-based authentication. In theory those users could switch to authenticator apps (or pay 😂) but they probably won't.
-
@markgurman
Mark Gurman
on x
It is ridiculous that Twitter is claiming it will start charging for SMS two factor as a means to protect people (because non SMS is safer). Just come out and say the truth: it's another bullet point for our subscription and will cover SMS costs (nothing wrong with this). https:/…
-
@elonmusk
Elon Musk
on x
Use of free authentication apps for 2FA will remain free and are much more secure than SMS https://twitter.com/...
-
@mikeisaac
@mikeisaac
on x
re: security changes at twtr — some stories are framing this as “you have to pay to be secure now” which I think is a semi- flawed premise —2FA auth apps are still free — SMS is a worse form of 2FA the main concern to me is most normies wont switch https://blog.twitter.com/...
-
@stevanzetti
@stevanzetti
on x
My man is stripping copper out of the walls to fuel his posting habit https://twitter.com/...
-
@oneunderscore__
Ben Collins
on x
The decline of Twitter is an interesting case of billionaires reframing omnipresent infrastructure rot. Forget fixing it. The new savvy thing? Lean into the collapse, fire people who COULD fix it for everyone, then charge the wealthy for basic safety measures. Disruptiano. https:…
-
@bryfitz
@bryfitz
on x
If text based 2FA is much less secure than an Authenticator app, why not just migrate the entire base to an app. Why let people pay for text 2FA.
-
@soobin
@soobin
on x
@mollywood It's not as if the process of setting up your Twitter 2FA with an authenticator app on IOS isn't broken. Wait it is 🤣
-
@mollywood
Molly Wood
on x
Although I know that security key and authentication methods are actually more secure than two-factor text, this REALLY reads like “you can't have security unless you pay.” Literally wondering if this small barrier is even worth hurdling at this point. 😩 https://twitter.com/...
-
@pkafka
Peter Kafka
on x
This is where current security strategies go well past normals + even prosumers and end up in total fantasy. Any system that thinks you will write down backup codes and save them somewhere other than your phone exists only in pretendistan. https://twitter.com/...
-
@nehfuhrus
@nehfuhrus
on x
bro is getting so desperate for people to actually pay for twt blue but i don't think he realizes that people aren't gonna pay they're just gonna. stop using the app lmfao like who the hell wants to pay money to be in a fandom https://twitter.com/...
-
@zsk
Zoe Kleinman
on x
Twitter passing on the cost of infosec - although there are good authentication apps out there as an alternative https://twitter.com/...
-
@jamesrbuk
James Ball
on x
You don't need Twitter Blue to keep your account secure! 1. Remove SMS Two Factor 2. Download Google's Authenticator app (iPhone and Android) 3. Set up two factor via Authenticator app on Twitter This is more secure than SMS two factor, and still free.
-
@matthew_d_green
Matthew Green
on x
People keep saying things like “but authenticator apps will still be free and those won't require you to pay, plus they're more secure.” That's true! But also completely misunderstands what's about to happen.
-
@adamkinzinger
@adamkinzinger
on x
In other words, pay us or you'll be hacked. I'd happily pay but I'm worried that the CEO is intent on spreading conspiracies and shilling for Russias “peace plan.” I'm sure this will turn out exactly like we expect. https://twitter.com/...
-
@mkbhd
Marques Brownlee
on x
Rule #1: Never charge for something that was previously free https://twitter.com/...
-
@arictoler
Aric Toler
on x
I love how their messaging here is: “SMS 2FA is absolute trash and shouldn't be used — therefore, only our valued Twitter Blue customers are allowed to use it.” https://blog.twitter.com/...
-
@bfriedmandc
Brandon Friedman
on x
Also, every one of these Twitter announcements is poorly written. I did public affairs for a living and can tell when something is amiss with a press release. My bet is that Elon is the final editor and he takes an active role. https://twitter.com/...
-
@upulie
@upulie
on x
Musk just keeps coming up with these winning ideas https://twitter.com/...
-
@chronotope
Aram Zucker-Scharff
on x
There's an easy answer here, only one thing drives this decision: sending texts costs money. https://twitter.com/...
-
@grantstern
Grant Stern
on x
Making Twitter more friendly to hackers stealing accounts is the improvement none of us knew we wanted. Probably because we don't. https://twitter.com/...