Twitter discontinues text-based 2FA for non-blue tick users

Twitter confirmed in a blog post on Wednesday that it is doing so in order to prevent misuse of text-based account authentication.

  • Twitter stops non-blue tick subscribers from using text-based two-factor authentication
  • According to Twitter, this is being done to prevent abuse of the feature
  • From March 20th, 2FA will be disabled automatically for those who don’t pay for Twitter Blue

Twitter two-factor authentication (2FA) will only be available to paid Blue tick subscribers, the micro-blogging site confirmed in a blog post on Wednesday. The non-Twitter Blue tick subscribers will not be able to use this service anymore. Those already enrolled will have 30 days to disable the 2FA method from their non-Blue tick account and enrol in either app or security key authentication. The change is coming to the platform because of users reportedly abusing the feature, and spammers committing misuse of it — although Twitter did not detail exactly how this misuse has been happening.

Show Full Article

What the Twitter 2FA feature change means to users

In a blog post detailing the feature change, a statement by Twitter read, “While historically a popular form of 2FA, unfortunately, we have seen phone-number based 2FA be used and abused by bad actors. So starting (February 15th), we will no longer allow accounts to enrol in the text message/SMS method or 2FA unless they are Twitter Blue subscribers. The availability of text message 2FA for Twitter Blue may vary by country and carrier.”

For the unaware, the Twitter Blue tick is available in India at Rs 650 per month for web users and Rs 900 per month on mobile.

The platform further added that users who do not subscribe to Twitter Blue, but are already enrolled on the 2FA feature via text message authentication “will have 30 days to disable this method and enrol in another.” Twitter currently offers three methods of 2FA: text message, authentication app, and security key.

“After 20 March 2023, we will no longer permit non-Twitter Blue subscribers to use text messages as a 2FA method. At that time, accounts with text message 2FA still enabled will have it disabled. Disabling text message 2FA does not automatically disassociate your phone number from your Twitter account,” the statement said.

Twitter has been looking for ways to increase ad revenue, as well as find ways to monetise the platform. The first ploy for this has been Twitter Blue — a feature that allows paying users to edit tweets and write 4,000-character tweets too.