Twitter has taken a backwards step for user account security
The latest twist in the Twitter tale since Elon Musk bought the company is one of the most worrying to date. In a truly bizarre move, which appears to put penny-pinching before account security, Twitter has announced it will limit the use of SMS-based two-factor authentication (2FA) to Twitter Blue subscribers from March 20.
Twitter disables SMS 2FA for the majority of users
In a notice posted to the Twitter help center’s two-factor authentication pages, Twitter states that “Effective 20 March 2023, we will no longer support two-factor authentication using text messages for non-Twitter Blue subscribers.” With as many as 368 million active monthly usersof which less than 300,000 are thought to subscribe to Twitter Bluethat leaves a huge number of people with potentially weakened account security.
Indeed, even if you are a Twitter Blue subscriber, that doesn’t mean you will necessarily still be able to use SMS-based 2FA. The announcement notice added that “the availability of text message 2FA for Twitter Blue may vary by country and carrier.”
But wait, there’s more Twitter security madness
Things get even odder when you realize that Elon Musk himself has tweeted that authentication apps are “much more secure than SMS.”
This would suggest that he’s offering Twitter Blue subscribers worse security in exchange for their money. The truth, however, is a lot more worrying. When it comes to SMS-based 2FA, “its widespread acceptance among the general population made it a security feature of huge value,” says Andy Kays, CEO of threat detection specialists Socura. This being despite the inherent flaws, which do, in fact, make it a less secure option than using either an authentication app or hardware security key as a second account authentication factor. “In the short term, the removal of 2FA could be harmful, especially among less tech-savvy social media users,” Kays warns, arguing that “most people will switch from using SMS 2FA to using no form of 2FA whatsoever.”
MORE FROM FORBESReddit Confirms It Was Hacked-Recommends Users Set Up 2FABy Davey Winder
Money likely the motive behind this move
The official reasoning behind the discontinuation of SMS 2FA for most users echoes the Musk tweet about it being less secure than authentication apps.
Another, perhaps more pressing, reason is likely to be a financial one. I would have asked the Twitter press office for comment, but it doesn’t exist anymore which makes that quite difficult. However, it is known that there is a cost to using SMS to send 2FA text messages, just as it is known that Twitter has been losing money since the Musk takeover. After all, if weaker security was the reason behind the move, why leave your paying customers worse off, in security terms, than those using the service for free?
MORE FROM FORBESThis Is How Hackers Accessed 34,942 PayPal AccountsBy Davey Winder
Twitter security has just been weakened for nearly 368 million users
Whatever, the effect is simple: Twitter security has just been weakened for hundreds of millions of users. And that, dear reader, is never a good thing. In an ideal world, everyone would use a physical, hardware, authentication key. We do not live in an ideal world. Authenticator apps are a good second to physical keys, are free, and work well. But, for the average user, convenience trumps security. Which is why SMS-based 2FA is so popular. It’s ‘secure enough’ for the vast majority of use cases, and is preferable to no account 2FA at all. Without a second authentication factor, accounts become much easier to take over should passwords become compromised. Like many in the security space, I am left scratching my head over why this was thought to be a good move by whoever at Twitter signed it off.
Note: This article have been indexed to our site. We do not claim legitimacy, ownership or copyright of any of the content above. To see the article at original source Click Here
UltraGlass Unbreak TOP 9H+ Glass for Samsung Galaxy S25 Ultra Screen Protector [Military Grade Shatterproof & Longest Durable] Galaxy Screen Protector 25 Ultra Tempered Glass Full Coverage, 2 Pack
$26.98 (as of February 5, 2025 19:27 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
Sereney 10th Birthday Gifts for Girl Sterling Silver Pink Pearl Necklace as Gifts for 10 Year Old, Adjustable Length 10 Birthday Ideas for Teens Trendy 2025
$15.99 (as of February 4, 2025 20:03 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
Simply 20x20x1 Air Filter, Merv 8, MPR 600, 6 Pack, Furnace Air Filter for HVAC (Actual Size: 19.75"x19.75"x0.75") DUST, Pet, & Allergy Control
$38.99 (as of February 4, 2025 20:03 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
SWITTE Outdoor Rocking Chair, Patio Egg Rocking Chair, Indoor Papasan Chair, Rattan Wicker Lounge Chair, Modern Royal Chair for Bedroom, Living Room, Porch, Garden, Lawn-Beige
$229.99 (as of February 5, 2025 19:31 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
