Twitter in February 2023 announced that text message two-factor authentication (2FA) is set to become a premium feature for Twitter Blue accounts. Here's why the company's logic behind the decision doesn't make any sense from a security perspective, and why you don't need the feature anyway.

Twitter Feature
Twitter has said that it will soon be removing text message-based 2FA from non-paying accounts and turning it into a feature that will only be available to subscribers of its premium Twitter Blue offering, which costs $8 per month. This means that any users who don't pay for a Blue subscription and rely on Twitter to send them an SMS text message code to complete the login process will have the feature turned off and removed from their accounts by March 20. Their account password will become the only barrier to access.

Aside from purely financial reasons (presumably it costs Twitter to send you a text), making text-based 2FA a paid-for perk is an odd decision on Twitter's part.

Twitter has justified the policy change by saying, rightly, that SMS 2FA can be abused by bad actors. And there have indeed been "SIM swap attacks" where hackers convinced cell providers to assign a victim's phone number to a device they control, and by taking control of a person's phone number, the hacker can impersonate the victim, as well as receive text message codes to their account. But making SMS 2FA available only to Twitter Blue subscribers simply makes them more susceptible to attacks of this nature.

Twitter says that it is "committed to keeping people safe and secure on Twitter," and it's true that SMS 2FA is better than no 2FA at all, but its policy does nothing to encourage users to switch to a more secure form of 2FA – perhaps because doing so means paying Twitter absolutely nothing.

Switching to App-Based 2FA is the Solution

Rather than rely on SMS-based 2FA, Twitter users should be using a mobile authentication app, like Duo, Authy, or Google Authenticator, or the password authenticator built-in to iOS. App-based 2FA is a far more secure alternative, as it never leaves your device and doesn't involve you receiving a code sent to your phone via text message.

To use this method to secure your Twitter account, first ensure that you have your authenticator app of choice installed on your iPhone. Then follow these steps:

  1. Launch the Twitter app or log in to the Twitter website.
  2. Go to your account's Settings and privacy, found in the Settings and Support dropdown menu.
  3. Select Security and account access -> Security.
  4. Select Two-factor authentication.
  5. Check the mark next to Authentication app.
  6. Follow the prompts, entering your account password when requested.

twitter 2fa

When you've completed the above steps, you should be able to log in to your Twitter account using your password, accompanied by a code generated by your authenticator app. Just be sure to keep a backup of your codes – if you don't have one and you lose your phone, you'll find it a lot harder to access your 2FA accounts.

Tag: Twitter

Top Rated Comments

contacos Avatar
contacos
15 months ago
I kept mine secure by deleting it. You should try it sometime. It’s also great for one’s mental health (sounds more serious than it is). I used to engage with strangers, which always put me in a bad mood afterwards. Now that I deleted it, I am like why did I care what strangers were thinking! So silly
Score: 36 Votes (Like | Disagree)
senttoschool Avatar
senttoschool
15 months ago

I kept mine secure by deleting it. You should try it sometime. It’s also great for one’s mental health (sounds more serious than it is). I used to engage with strangers, which always put me in a bad mood afterwards. Now that I deleted it, I am like why did I care what strangers were thinking! So silly
Now you spend that time engaging with strangers on Macrumors.
Score: 18 Votes (Like | Disagree)
marcinsf Avatar
marcinsf
15 months ago
much easier solution - don't use twitter.
It's free and doesn't cost anything to not use twitter :)
Score: 11 Votes (Like | Disagree)
judgeFire Avatar
judgeFire
15 months ago
In recent OS releases, the Settings > Passwords options include setting up Keychain based 2FA without the need for a third party app. It can also pop up the code when required, if it senses the field in question is for that. The SMS autofill is more consistent, tho
Score: 10 Votes (Like | Disagree)
adammusic Avatar
adammusic
15 months ago
I feel like nobody knows about iOS built in 2fa.
Score: 9 Votes (Like | Disagree)
andrewxgx Avatar
andrewxgx
15 months ago
the fact that twitter is looking at cutting cost of sending auth SMSes is telling you a lot of how bad things are up there
they basically look for spare change between couch cushions
Score: 7 Votes (Like | Disagree)
Read All Comments

Popular Stories

Apple Silicon AI Optimized Feature Siri

Apple Releases Open Source AI Models That Run On-Device

Wednesday April 24, 2024 3:39 pm PDT by
Apple today released several open source large language models (LLMs) that are designed to run on-device rather than through cloud servers. Called OpenELM (Open-source Efficient Language Models), the LLMs are available on the Hugging Face Hub, a community for sharing AI code. As outlined in a white paper [PDF], there are eight total OpenELM models, four of which were pre-trained using the...
Read Full Article86 comments
iOS 18 Siri Integrated Feature

iOS 18 Rumored to Add These 10 New Features to Your iPhone

Wednesday April 24, 2024 2:05 pm PDT by
Apple is set to unveil iOS 18 during its WWDC keynote on June 10, so the software update is a little over six weeks away from being announced. Below, we recap rumored features and changes planned for the iPhone with iOS 18. iOS 18 will reportedly be the "biggest" update in the iPhone's history, with new ChatGPT-inspired generative AI features, a more customizable Home Screen, and much more....
Read Full Article
maxresdefault

Apple Announces 'Let Loose' Event on May 7 Amid Rumors of New iPads

Tuesday April 23, 2024 7:11 am PDT by
Apple has announced it will be holding a special event on Tuesday, May 7 at 7 a.m. Pacific Time (10 a.m. Eastern Time), with a live stream to be available on Apple.com and on YouTube as usual. The event invitation has a tagline of "Let Loose" and shows an artistic render of an Apple Pencil, suggesting that iPads will be a focus of the event. Subscribe to the MacRumors YouTube channel for more ...
Read Full Article280 comments
Apple Vision Pro Dual Loop Band Orange Feature 2

Apple Cuts Vision Pro Shipments as Demand Falls 'Sharply Beyond Expectations'

Tuesday April 23, 2024 9:44 am PDT by
Apple has dropped the number of Vision Pro units that it plans to ship in 2024, going from an expected 700 to 800k units to just 400k to 450k units, according to Apple analyst Ming-Chi Kuo. Orders have been scaled back before the Vision Pro has launched in markets outside of the United States, which Kuo says is a sign that demand in the U.S. has "fallen sharply beyond expectations." As a...
Read Full Article417 comments
iPad And Calculator App Feature 1

Apple Finally Plans to Release a Calculator App for iPad Later This Year

Tuesday April 23, 2024 9:08 am PDT by
Apple is finally planning a Calculator app for the iPad, over 14 years after launching the device, according to a source familiar with the matter. iPadOS 18 will include a built-in Calculator app for all iPad models that are compatible with the software update, which is expected to be unveiled during the opening keynote of Apple's annual developers conference WWDC on June 10. AppleInsider...
Read Full Article223 comments
macbook pro purple february

Best Buy Introduces Record Low Prices on Apple's M3 MacBook Pro for Members

Thursday April 25, 2024 7:41 am PDT by
Best Buy is discounting a collection of M3 MacBook Pro computers today, this time focusing on the 14-inch version of the laptop. Every deal in this sale requires you to have a My Best Buy Plus or Total membership, although non-members can still get solid second-best prices on these MacBook Pro models. Note: MacRumors is an affiliate partner with Best Buy. When you click a link and make a...
Read Full Article44 comments