Feb 21 – The Twitterverse is on fire once again. Twitter users are calling out Elon Musk following a new company announcement saying that Twitter will now charge for text-based two-factor authentication. The paywall in exchange for a universal security measure represents the latest in a series of controversial decisions made by Musk.
Twitter 2FA security
Two-factor authentication will no longer be available to all Twitter users. Those who currently have two-factor authentication enabled for their accounts have received notifications instructing them to remove the security feature or “risk losing access to Twitter.”
“…starting today, we will no longer allow accounts to enroll in the text message/SMS method of 2FA unless they are Twitter Blue subscribers,” the company said.
Twitter’s two-factor authentication
Twitter stated that other two-factor verification measures, like authenticator apps and security keys, would remain available.
In a tweet, Elon Musk explained that the company has been “getting scammed by phone companies for $60M/year of fake 2FA SMS messages.”
The company’s premium subscription service, known as “Twitter Blue,” allows any user to purchase a verification badge for the price of $8.00 per month, or $96.00 per year.
In response to this move, one Twitter user wrote “It’s like paying [an] extra fee for seat belts on the airplane.”
Said another, “I had a stalker for years who would spend hours trying to hack my accounts. I would get dozens of 2factor texts in a row. It was horrifying, but also a great lesson in how vital these security features are. Elon Musk is now charging for a basic necessity.”
Twitter users beyond the borders of the U.S. have pointed out that Twitter Blue is not even available in some countries, rendering people in those regions particularly vulnerable to cyber threats, including identity theft, once 2FA is disabled.
Authentication apps such as Duo and Google Authenticator remain available as options for account security, but for some, this might be too much of an inconvenience for them to remain on the Twitter app for much longer.
Lastly, to receive more cutting-edge cyber security news, best practices and analyses, please sign up for the CyberTalk.org newsletter.