Twitter will soon disable SMS 2FA for non-paying customers (PA Wire)
In a month’s time, one of the mechanisms Twitter uses to protect against account hacks will be a premium feature reserved only for Twitter Blue users.
Two-factor authentication (2FA) via SMS will be switched off on March 20, 2023 for anyone not paying £7 a month for Twitter Blue.
The security measure sends a text message with a code to an account’s connected phone number when an attempt is made to log in. The user must then enter the code to confirm that they are really trying to log in.
But as Twitter notes in its announcement, while SMS 2FA is better than nothing, it’s rife with abuse. A determined hacker can use something called SIM jacking or SIM swapping to take control of your phone number, making it trivial to impersonate someone when they already have a working password.
“While historically a popular form of 2FA, we’ve sadly seen phone number-based 2FA being used – and abused – by bad actors,” the post explained.
What this doesn’t explain is why a security method that the site deems inadequate for non-payers is still considered good enough for Twitter Blue subscribers. But the good news is that anyone – paid and free users alike – can log in via an app-based solution for more secure authentication.
How to use 2FA on Twitter without paying for Twitter Blue
Using an authenticator app is a more secure solution than SMS 2FA, although it’s a bit more cumbersome. Instead of receiving a one-time code via SMS, the app constantly generates 2FA codes that you enter when logging in, and hackers can’t get at them the way they can a text message.
There are several different apps to choose from, with the most popular being Google Authenticator, Microsoft Authenticator, and Authy. For the purposes of this guide, we’ll be using the free Google Authenticator app, but the steps should be similar, if not identical, for the alternatives.
1. Download Google Authenticator for iOS or Android.
How to use 2FA on Twitter without paying for Twitter Blue 1 (Alan Martin)
2. In a browser, go to Twitter.com, log in and click the “More” button on the left, followed by “Settings & Support” and then “Settings & Privacy”.
3. In the next menu, select “Security and Account Access” and then “Security”.
4. Select “Two-Factor Authentication”.
5. Check the Authentication App check box. Re-enter your password when prompted.
6. Twitter generates a QR code. Open Google Authenticator, press the “Plus” button in the bottom right corner of the screen, then choose “Scan a QR code”.
7. Scan the code on the screen and it will be added to your app. From now on, every time you log into Twitter from a new location, you’ll be asked to enter the code next to the entry in Google Authenticator (it changes every 30 seconds).