What’s the deal with Twitter and 2FA? What actually is 2FA?

(WHTM) – On Wednesday, February 15, 2023, Twitter posted a message on its blog titled “An Update on Two-Factor Authentication with SMS on Twitter.”

Often abbreviated as 2FA, two-factor authentication is a standard way of applying an extra layer of protection to online accounts, from email to online banking to just about anything.

Two-factor authentication changes logging into an online account from a two-step to a three-step process, which can be a bit annoying if you’re already having trouble remembering your password, but seriously, it’s worth the effort .

Step one, you go to an online site and enter your username. In the second step, enter a password. This is where 2FA kicks in. You will then be given a code number which you then enter on the website, hit enter and voila! You will be granted access to the website.

How You will receive the code that you need to set up. You can use one authentication app. This is a program that you download onto your computer/phone/tablet/multifunction coffee maker. Once you install and activate it, it will generate a random number whenever you log into a website. You then enter this number to create the delivery of the second identification.

Another method is to use a security key, a physical device that you typically connect to your computer through a USB port. You enter the accounts to be monitored and they are then only accessible when the key is inserted.

Both methods offer excellent security, but can be a little cumbersome to set up. (And heaven help you if the cat accidentally smashes your security key into a mouse hole.) But by far the most popular method of two-factor authentication is SMS.

SMS is an abbreviation for short message service or sometimes short message service. Most of the time we just call it “Send SMS” or “Write SMS”. Setting up SMS/2FA is very easy – websites usually have a place where you can enable it with a few clicks of the mouse. Then, when you log into a website, depending on the method you choose, you’ll receive an SMS or email with a code number to enter, which is usually only valid for a few minutes. (Some websites may also send you a number via automated phone message.)

SMS is undoubtedly the easiest of the three methods and the most popular. Unfortunately, it is also the most unsafe. Hackers find all sorts of ways to harvest information from SMS texts. The topic is worth it an article in itself, which fortunately has already been written.

Which brings us back to the Twitter blog. It announces that because “we’ve seen phone number-based 2FA being used — and abused — by bad actors,” they no longer allow people to sign up for it. The post further announces that after March 20, “at that time, accounts with SMS 2FA still enabled will be disabled.”

Unsurprisingly, this announcement is enough to get many people upset, but the post also announces that SMS verification will continue to be open to Twitter Blue subscribers, a $8/month service “that will give your Adding a blue tick to your account and offers early access to select features.” This infuriated people doubly; Twitter Blue was once a free service, and now SMS verification is being put behind a paywall as well.

How Much Does SMS Scam Twitter Cost? Elon Musk, the owner of Twitter, responded to a recent post that claimed the company was losing $60 million a year due to fraudulent text messages with a one-word response – “Yup.”

Whether the number is true or not, security experts are wondering if SMS is so dangerous and costly, why continue to offer it at all? To view the original Twitter blog post, click Here.