Last month, Twitter announced that it would start charging a fee for the use of SMS messages for two-factor authentication. That change is set to officially go into effect tomorrow, March 20, making today the last day to move away from SMS two-factor authentication.
Twitter’s new 2FA policies
Starting tomorrow, Twitter will completely disable two-factor authentication on accounts that use 2FA via text messages, but don’t pay for Twitter Blue. This means that a whole bunch of accounts are about to become less secure tomorrow, unless users proactively switch to another method of 2FA (or pay $8 per month for Twitter Blue).
Non-Twitter Blue subscribers that are already enrolled will have 30 days to disable this method and enroll in another. After 20 March 2023, we will no longer permit non-Twitter Blue subscribers to use text messages as a 2FA method. At that time, accounts with text message 2FA still enabled will have it disabled.
If you rely on text messages for two-factor authentication via Twitter, you have three options:
- Do nothing: Twitter will automatically disable two-factor on your account tomorrow.
- Switch to another form of two-factor authentication, using an app/service like iCloud Keychain, 1Password, Google Authenticator, or Authy.
- Sign up for Twitter Blue for $8/month.
Our recommendation is to proceed with the second option listed above. While it’s frustrating that Twitter is ditching SMS two-factor authentication, the reality is that using a dedicated authenticator app is far more secure anyways. These apps generate a rotating two-factor authentication code, which you’ll enter anytime you log into Twitter on a new device.
To change your Twitter two-factor authentication settings, head to your account details in the Twitter app or on Twitter’s website and look for the “Security and Account Access” menu. Here, you can manage your two-factor authentication settings and switch to an authentication app.
The best two-factor apps for iPhone, iPad, and Mac
Our colleagues over at 9to5Google have a deeper dive into how to use Google Authenticator for securing your Twitter account. My personal recommendation, however, is to use something like iCloud Keychain or 1Password, both of which offer better cross-device syncing than Google Authenticator does.
Follow Chance: Twitter, Instagram, and Mastodon
FTC: We use income earning auto affiliate links. More.