Twitter Blue Exclusive: SMS Two-Factor Authentication Upgraded by Twitter

Twitter 2.0 continues to evolve in ways that nobody could have predicted. Mostly because they’re bad, but nevertheless, maybe there’s a method to the madness that we can’t see.

Or maybe not.

The latest update from Elon and Co. is that Twitter is switching off SMS-based two-factor authentication for all non Twitter Blue subscribers from next month.

As explained by Twitter:

“While historically a popular form of 2FA, unfortunately we have seen phone-number based 2FA be used – and abused – by bad actors. So starting today, we will no longer allow accounts to enroll in the text message/SMS method of 2FA unless they are Twitter Blue subscribers. The availability of text message 2FA for Twitter Blue may vary by country and carrier.”

That means that the most commonly used form of authentication, in order to keep your account safe from hacking, will now only be available to those willing to pay Twitter $8 per month.

Which, theoretically at least, means that Twitter can then trust that these people are actual humans, through its own verification process – though Twitter’s isn’t actually verifying the identities of people signing up for Twitter Blue. So it’s just the accounts of people that can afford, and are willing to pay.

“Non-Twitter Blue subscribers that are already enrolled will have 30 days to disable this method and enroll in another. After 20 March 2023, we will no longer permit non-Twitter Blue subscribers to use text messages as a 2FA method. At that time, accounts with text message 2FA still enabled will have it disabled.”

So no more secondary protection on your account – instead, you’ll have to use an authentication app or security key instead. Both of which are less convenient. But Twitter seems to believe that bad actors are too easily able to abuse the current process. So it’s cutting them off, along with the many millions of people who aren’t misusing it.

Which seems like a pathway to more account hacks, and more issues with people losing access, which, overall, doesn’t seem to be a great direction for Twitter’s growth plans.

Another consideration is that maybe this will just push more people to pay for Twitter Blue, and bring in more revenue for Twitter.

And again, ostensibly, Twitter Blue is a form of verification, at least in Twitter’s eyes. So maybe, Twitter’s view is that if it can force more people to pay, that will make it more of a security element, and help to weed out bots who won’t pay the monthly fee.