Just a few weeks ago, Twitter ceased two-factor authentication using text messages for non-Twitter Blue users. This came after the social media platform announced that users should use third-party apps or a security key instead to verify their accounts, as it’s much safer.
The future of Twitter
In recent times, Twitter has revamped Twitter Blue, its subscription-based service that adds a blue checkmark to subscribed users. The feature and many other implementations are part of Twitter’s plan to create an all-in-one super app. According to its post, ExpressVPN shared that the platform’s new owner, Elon Musk, plans to create a super app that offers multiple things, such as shopping, food delivery, and ride-hailing services.
With the removal of two-factor authentication via SMS, however, Twitter has experienced some backlash from users, considering that an overwhelming majority use SMS as their primary authentication source. Without this, users now have to convert to using either an app or a security key.
How effective are Twitter’s new verification methods?
While it might seem controversial, Twitter’s recent move might actually provide safer means of authentication for its users, as SMSes aren’t always the safest way of authenticating. According to cybersecurity experts, SIM-swapping attacks could undermine the safety of text messaging verification.
During a SIM swap attack, malicious actors trick phone carriers into transferring a number to a SIM card they control. After switching numbers, the hacker will then receive the verification code initially intended for the user to log in to an account.
That said, verification through an authenticator app or security keys might just be more secure and safer for users.
However, it’s also understandable why some Twitter users might be against this change as they’re used to securing their accounts through texts and might not be comfortable paying the 8 USD monthly fee for a Twitter Blue subscription.
In addition, it’s also worth noting that not every single Twitter user has the same level of technical expertise and would know how to use an authenticator app or security keys. Text messages, on the other hand, are universal and easily accessible.
Having 2FA is better than nothing at all
Despite what Twitter might think, though, setting up two-factor authentication, regardless of the method, is better than having no form of authentication at all.
While it’s not confirmed if Twitter is aware of the unhappiness of its users, the company has provided a step-by-step guide on how users can set up 2FA on various devices. Their article in the Help Center details how users can verify their logins and set up 2FA on a desktop or a smartphone. This should allay users’ concerns about the difficulty of switching to an alternative authentication method.
There are also plenty of third-party authentication apps like Authy and Google Authenticator that can help make the process easier. Apple users will also be glad to know that the native password manager on the iPhone or iPad can also be used as an authenticator.
Ultimately, while the outrage from Twitter users is completely understandable, internet users these days have to be more vigilant about their online safety and will have to keep up with the latest cybersecurity trends to ensure that their accounts remain protected.