Two-factor authentication by text message (SMS), a basic security function on any platform, now it will be paid on Twitter. Those led by Elon Musk announced that, as of March 19, this feature will only be available to Twitter Blue subscribers – which is not yet available worldwide.
Some users, in fact, have already begun to receive an alert from Twitter notifying them of the change. If you’re not a Twitter Blue subscriber and you currently have two-factor authentication enabled via text, you have two options. Disable this security feature or resort to verification through third-party applications, such as Google Authenticator. Otherwise, Twitter doesn’t care if you lose access to the social network.
“Only Twitter Blue subscribers can use the two-factor authentication method via text message. It will only take a few minutes to disable it. You will still be able to use the security application and security key methods. To avoid losing access to Twitter, turn off two-factor authentication via text before March 19.”
Without a doubt, it is one of the most absurd decisions that Twitter has made under the direction of Elon Musk. Basic security on an internet platform, whatever it may be, should not be limited to users of a payment service. Even less when that function was previously available at no cost.
Why will Twitter charge for two-factor authentication per text?
According to Twitter, the reasons for this decision are based on another security issue. They suggest that two-factor authentication by text message has recently been used maliciously to compromise accounts, which is why they have limited its use.
“While historically 2FA is a popular method of security, unfortunately we have seen bad actors use and abuse phone number-based authentication. So, starting today, we will no longer allow accounts to sign up for two-factor verification via text/SMS unless they are Twitter Blue subscribers.”
Do we believe them? The truth is that, if there were really concerns about malicious use of a verification system, they would disable it completely. They wouldn’t make it exclusive to a subscription…
The real reason is surely due to a cost reduction. Using an authentication system through SMS has an additional cost for the companies that use it in order to reinforce their security. Apparently, Elon Musk’s company is not in a position to continue paying for these services without billing its users.
Following the arrival of Elon Musk at the helm of Twitter, more and more features—both old and new—are now only exclusively available to Twitter Blue users. Among them, the verification badge and the new 4,000-character tweets. However, they are additional proposals that can be dispensed with without any problem. Security hardening, by contrast, should not be restricted to a paywall.