Twitter asked users to cancel 2FA through SMS — it becomes a paid option for Twitter Blue subscribers

Twitter will now charge for SMS two-factor authentication, which is currently the company’s least secure form of authentication.

The news was first reported by Zoe Schiffer of Platformer on Twitter, and it is now official. Twitter Blue subscribers will be the only users with access to SMS two-factor authentication, and those who don’t sign up for the subscription service or switch to an authenticator app or physical security key will have their 2FA turned off after March 20th.

While some users might be unhappy with this news, SMS is an outdated form of 2FA that is prone to security vulnerabilities, such as SIM swapping. In fact, even Twitter’s CEO Jack Dorsey was successfully targeted by a SIM swapping attack four years ago. In light of this, it makes sense that Twitter would encourage its users to switch to more secure authentication methods.

The company’s decision to charge for SMS 2FA might also be motivated by the costs of sending SMS messages, and the fact that Twitter is not currently in a strong financial position. According to Twitter’s own transparency data from December 2021, only 2.6 percent of Twitter users had 2FA turned on, and 74 percent of those users were using SMS as their 2FA method.

It is worth noting that there are more secure alternatives to SMS 2FA, such as authenticator apps or physical security keys, which are not only more secure but also more convenient. For users who are concerned about their account security, it is recommended that they switch to one of these alternative methods as soon as possible.