Twitter has announced that only paid subscribers will be able to use text messages as a two-factor authentication (2FA) method to secure their accounts.
“After 20 March 2023, we will no longer permit non-Twitter Blue subscribers to use text messages as a 2FA method. At that time, accounts with text message 2FA still enabled will have it disabled,” the company stated.
Two-factor authentication, which is intended to increase account security, necessitates the use of a second authentication method in addition to a password. Twitter supports two-factor authentication via text message, authentication app, and security key.
The company believes phone-number-based 2FA is being abused by bad actors, according to a blog post published on Wednesday and linked to in the company’s tweet.
Elon Musk, the CEO of Twitter, responded with “Yup” to a user tweet stating that the company was changing policy “because Telcos Used Bot Accounts to Pump 2FA SMS,” and that the company was losing US$60 million per year “on scam SMS.”
The blue checkmark, which was previously reserved for verified accounts of politicians, celebrities, journalists, and other public figures, is now available to anyone willing to pay.