Twitter’s 2FA paywall is a good opportunity to upgrade your security practices

The platform could become less secure — but that doesn't mean you have to be.

Twitter announced plans to pull a popular method of two-factor authentication for non-paying customers last week. Not only could this make your account more vulnerable to attack, but it may even undermine the platform’s security as a whole and set a dangerous precedent for other sites.

Two-factor authentication, or 2FA, adds a layer of security beyond password protection. Weak passwords that hackers can easily guess, leaked passwords, and phishing attacks that lure password details out of a user can all lead to unwanted third-party account access.

With 2FA, a user has another guard up. Simply entering a password isn’t enough to gain account access. Instead, the user also gets a notification via text message, or uses an authenticator app or security key, to approve access.

“Two factor authentication shouldn't be behind a paywall,” Rachel Tobac, CEO of security awareness organization SocialProof Security, told Engadget, “especially not the most introductory level of two factor that we find most everyday users employing.”

Starting March 20, Twitter users who don’t subscribe to Twitter Blue will no longer be able to use text message authentication to get into their accounts. The feature will be automatically disabled if users don’t set up another form of 2FA. That puts users who don’t act quickly to update their settings at risk.

If you don’t want to pay $8 to $11 per month for a Twitter Blue subscription, there are still some options to keep your account secure. Under security and account access settings, Twitter users can change to “authentication app” or “security key” as their two-factor authentication method of choice.