Twitter is set to begin charging users to receive SMS codes for two-factor authentication (2FA) on Monday. The company, which was acquired by Elon Musk in October 2022, announced last month that only users who had paid to subscribe to Twitter Blue would be able to request login codes via SMS, in order to secure their account. The service continues to allow users to protect their accounts with a second authentication method, which is required after their password is entered.
Last month, Twitter announced that as of March 20 — that’s today — only Twitter Blue subscribers would be able to use SMS as a 2FA authentication method. The microblogging service currently allows users to secure their accounts — in addition to their password — by receiving an SMS login code, using a third-party authenticator app, or using a hardware security key.
At the time, Twitter said that users would have 30 days to remove SMS based 2FA from their account settings, adding that the firm was shutting down access for SMS login codes for regular Twitter users because it believed that the 2FA authentication method that relied on text messages was being abused by “bad actors”.
Twitter Blue is priced at Rs. 900 per month, and Rs. 9,400 for an annual plan. While these prices are for users who subscribe using their smartphones, the service also offers cheaper plans via the Web interface that are priced at Rs. 650 per month, or Rs. 6,800 per year.
While SMS codes are widely considered an insecure 2FA method compared to authenticator apps and hardware security keys, they are easier for many users to set up, and the removal of SMS-based 2FA will leave several Twitter accounts without protection from hackers.
Users who want to continue to keep their Twitter account protected with a second layer of authentication can either purchase and enrol a hardware security key, or follow our guide to set up a free third-party app like Authy, Google Authenticator, Microsoft Authenticator, or the open source Aegis Authenticator app, after Twitter disables support for SMS-based 2FA on Monday.