Today’s the last day to keep 2FA on your Twitter account, as the company is moving away from free SMS 2FA. Your account’s regular SMS two-factor authentication will be turned off if you don’t switch away by March 20th. Only Twitter BLUE subscribers can access SMS-based two-factor authentication; however, it’ll be turned off for non-Twitter Blue users altogether.
Twitter currently uses three forms of authentication methods: via sms, third-party authentication apps, and hardware keys.
In my experience, Twitter’s SMS-based authentication has failed more often than the other listed methods. However, with the shift from SMS to app-based authentication, users may have one less thing to complain about on Twitter.
According to Twitter, the transition is happening because they’ve found SMS-based authentication less secure as they’ve seen “phone-number based 2FA be used – and abused – by bad actors,” hence turning it off for non-Twitter Blue subscribers. However, the availability of this feature may vary from region to region for even Twitter Blue users.
This announcement was made back in February 2023 in a blog post where Twitter mentions that non-Twitter Blue subscribers will have 30 days to disable this method and enroll in another.
Non-Twitter Blue subscribers that are already enrolled will have 30 days to disable this method and enroll in another. After 20 March 2023, we will no longer permit non-Twitter Blue subscribers to use text messages as a 2FA method. At that time, accounts with text message 2FA still enabled will have it disabled. Disabling text message 2FA does not automatically disassociate your phone number from your Twitter account.via Twitter Blog
According to The Verge, “Twitter will also turn off 2FA for your account completely if you don’t switch away from SMS verification or pay for Blue before that deadline,” leaving millions of users vulnerable to security issues such as hacking.
To prevent this from happening, you still have time till today to switch back from SMS 2FA and use free apps such as Google Authenticator or Authy for two-factor verification. If not enabled already, we’ve got you covered with a simple yet comprehensive guide to turning on 2FA authentication here.