Twitter users who secure their account with SMS-based two-factor authentication (2FA) will have to subscribe to Twitter Blue by Mar. 19, 2023, to keep using the feature. But that doesn't mean users should rush to buy a Blue subscription or leave the platform. There are other two-factor authentication methods that can be used to secure a user's Twitter account, and those methods are actually stronger than text message verification. Two-factor authentication uses some other verification method — beyond just a username and password — to make sure the person logging in is really the owner of the account. In the age of data leaks and successful brute-force account breaches, two-factor authentication is more important than ever.
The shift in Twitter's two-factor authentication policy was a surprise announcement made on Feb. 18 through a pop-up message in the mobile app, accompanied by a Twitter blog post. Before the change, Twitter offered three forms of two-factor authentication: SMS verification, authentication app, and security key. The company cites the poor security that comes with text message verification as a reason for the move, but it's strange that Twitter would allow its paying subscribers to use a vulnerable authentication method. However, Twitter users can still use an authentication app or security key as a two-factor authentication method without buying Blue. Here's how to do it.
Set Up An Authentication App Or Security Key For Twitter
Twitter users can start the changeover process by opening the Twitter app and navigating to the sidebar on a mobile device. Then, tap Security and Account Access and press Security in the submenu. Next, tap Two-Factor Authentication to view the available verification methods for Twitter. On this page, users will see the three two-factor authentication methods: Text Message, Authentication App, and Security Key. Since text message verification is ruled out for non-Blue users, Authentication App or Security Key must be chosen.
Using an authentication app is the simplest way to switch from SMS-based authentication. To get started, tap the checkbox next to Authentication App and enter the account password. Next, users will need to use an authentication app like Google Authenticator or Authy. Download an authentication app and follow the on-screen prompts to set up the application before returning to Twitter. Then, tap Get Started in the Twitter app and press Link App.
Users will see a verification code beside their Twitter username in their linked authentication app, and they'll need to enter that code in the Twitter app to complete the setup process. Authentication app verification codes expire every few seconds, so users should wait for the code to refresh before entering it in the Twitter app. Users that get a You're All Set landing page have successfully set up two-factor authentication.
A security key can also be used as a two-factor authentication method, but this is a more advanced option for tech-savvy users. Security keys are hardware devices — which commonly look like USB drives or keycards — that must come in contact with a device to authenticate a sign-in attempt. Users can set up a hardware key by tapping the checkbox next to Security Key and following the on-screen prompts with a compatible device. Users should pick a security key that can connect to all their devices, which may require USB or NFC connectivity.
After a new two-factor authentication method is set up, users need to return to the main Two-Factor Authentication page to remove SMS verification. Simply tap the checkbox next to Text Message and press the Turn Off button to disable the security method. Once that is finished, Twitter users actually have a more secure two-factor authentication method enabled without buying a Blue subscription.
Source: Twitter