Twitter’s two-factor authentication moves behind paywall effective today
Security features for non-Blue subscribers’ accounts are in a bit of a spot, as Twitter places its two-factor authentication behind paywall, effective Monday.
Two-factor authentication (2FA) is a security measure to prevent an external threat from hacking a user’s account. Users have to confirm their identity with their password and a security key or a second mode of authentication, such as an SMS text message on the phone, to be able to access their account and prevent bad actors from breaking into the account.
On February 15, Twitter updated its social media blog, informing users to either subscribe to the platform’s new premium service in order to keep 2FA, or lose the two-factor authentication via text message. The feature was shut down for regular Twitter users, to prevent phone-number-based 2FA from being ‘abused by bad actors’.
“Non-Twitter Blue subscribers who have already enrolled will have 30 days to disable this method and enroll in another. After 20 March, 2023, we will no longer permit non-Twitter Blue subscribers to use text messages as a 2FA method. At that time, accounts with text message 2FA (that is) still enabled will have it disabled,” the blog read.
However, users can continue to access the security feature, using a hardware security key or a third-party authentication app.
Currently, Twitter Blue is available in India for Rs 650 on the web and Rs 900 on mobile. Twitter also offers subscriptions for an annual fee of Rs 6,800 per year or around Rs 566 per month.
To avoid the subscription fee yet maintain 2FA using an authentication app, users will need to go to the settings page on the Twitter app, select ‘Security and Account access’, and choose ‘Security’ to enter the two-factor authentication page. Disable the ‘Text Message’ option if it is enabled and then select ‘Authentication App’. There are multiple third-party authentication apps including reliable ones such as Google Authenticator and Duo Mobile. Open the app, and then scan the QR code displayed on Twitter’s website. A six-digit numeric code will be displayed to confirm the process, and the set-up is completed, using an app-based two-factor authentication.
After Elon Musk acquired Twitter last year, the micro-blogging site made multiple cost-cutting changes, such as laying off about 50 per cent of the workforce, along with firing top executives. 2FA is a result of this drive. According to Musk’s tweet, Twitter is getting scammed by phone companies for $60 million per year of fake 2FA SMS messages. Further, spending of Twitter’s top 30 advertisers fell by 42 per cent to an estimated $53.8 million, until the end of 2022, as reported by Reuters.
Earlier this year, Musk announced the ‘first part’ of much-awaited UI changes that would allow users to swipe right/left to move between recommended and followed tweets. Twitter introduced the blue-tick verification for a subscription of $8.
An emergency meeting was called by James Musk when President Joe Biden’s tweets on SuperBowl were getting more views than Elon Musk’s tweets. As a result of changes made by engineers, Musk’s tweets were artificially inflated by 1000 factors. This has not only increased the viewership of Musk’s tweets by his followers but has been pushed to the ‘For You’ tab of the app’s home page, for all users. Twitter has also banned tweets on competitive platforms, as well as blocked third-party apps like Tweetbots that aim to improve the user experience. Twitter has also suspended access to its API by other alternative platforms.
On March 31, Twitter is set to open source all code to recommend tweets. Elon Musk is also planning to set up a Content Moderation Council, responsible for all content-related decisions. The option to upload video content behind a paywall is also being explored. In a most recent move, Musk enabled an automated off-colour emoji reply to journalists contacting the company’s press department.