Twitter has introduced that it is limiting using SMS-based two-factor authentication (2FA) to its Blue subscribers.
“Whereas traditionally a preferred type of 2FA, sadly now we have seen phone-number primarily based 2FA be used – and abused – by unhealthy actors,” the corporate mentioned.
“We are going to not permit accounts to enroll within the textual content message/SMS methodology of 2FA except they’re Twitter Blue subscribers.”
Twitter customers who haven’t subscribed to Blue which have enrolled for SMS-based 2FA have time until March 20, 2023, to modify to another methodology similar to an authenticator app or a {hardware} safety key.
After this cutoff date, non-Twitter Blue subscribers could have their possibility disabled.
The choice strategies “require you to have bodily possession of the authentication methodology and are a good way to make sure your account is safe,” Twitter famous.
Provided that SMS has been the least safe type of 2FA, the most recent enforcement is more likely to pressure folks to maneuver in direction of safe types of authentication.
In accordance with Twitter’s personal knowledge, solely 2.6% of all energetic accounts have enabled at the least one type of 2FA. SMS accounts for 74.4%, adopted by authenticator apps (28.9%) and safety keys (0.5%).
