Today’s the last day to switch from Twitter’s SMS-based 2FA to a 2FA app-based authentication. From today onwards, Twitter will soon discontinue its SMS-based two-factor authentication (2FA) feature, the company announced recently. The decision, according to Twitter, was prompted by the less secure way of 2FA as described in their 2FA and the availability of more secure authentication methods.
Users currently using SMS-based 2FA on Twitter must switch to a different authentication method before the feature is turned off. Twitter has recommended two alternatives – a security key or a 2FA app – which it deems more secure than SMS-based 2FA.
While announcing the end of SMS 2FA for free Twitter users, the company says, “we have seen phone-number based 2FA be used – and abused – by bad actors.”
Non-Twitter Blue subscribers that are already enrolled will have 30 days to disable this method and enroll in another. After 20 March 2023, we will no longer permit non-Twitter Blue subscribers to use text messages as a 2FA method. At that time, accounts with text message 2FA still enabled will have it disabled. Disabling text message 2FA does not automatically disassociate your phone number from your Twitter account.
Twitter blog announcement
While SMS-based 2FA was once a popular and convenient authentication method, it is no longer deemed secure by many tech companies. Users are advised to switch to more secure authentication methods to protect their accounts from potential security breaches and hacks.