Twitter has announced it will provide its SMS-based two-factor authentication only to paid users.
Only Twitter users who are subscribed to the $8-a-month Twitter Blue service will be able to access the app’s SMS-based two-factor authentication.
The Elon Musk-owned firm stated that these subscribers will start enjoying the service from 20 March.
The company currently provides free two-factor (2FA) authentication through third-party apps and a security key, which are considered more secure than SMS-based systems.
Instead of only entering a password to log in, 2FA requires you to also enter a code or use a security key, ensuring that you, and only you, can access your account.
“We have seen phone-number-based 2FA be used – and abused – by bad actors. So starting today, we will no longer allow accounts to enroll in the text message/SMS method of 2FA unless they are Twitter Blue subscribers,” Twitter stated.
The firm said the availability of text message 2FA for Twitter Blue may vary by country and user.
Non-Twitter Blue subscribers that are already enrolled will have 30 days to disable this method and enroll in another.
“After 20 March 2023, we will no longer permit non-Twitter Blue subscribers to use text messages as a 2FA method. At that time, accounts with text message 2FA still enabled will have it disabled. Disabling text message 2FA does not automatically disassociate your phone number from your Twitter account,” Twitter said.
The firm says non-Twitter Blue subscribers have an alternative of using an authentication app or security key method.
“These methods require you to have physical possession of the authentication method and are a great way to ensure your account is secure.”