Twitter has introduced that it is limiting using SMS-based two-factor authentication (2FA) to its Blue subscribers.
“Whereas traditionally a well-liked type of 2FA, sadly we now have seen phone-number based mostly 2FA be used – and abused – by unhealthy actors,” the corporate stated.
“We’ll not enable accounts to enroll within the textual content message/SMS methodology of 2FA except they’re Twitter Blue subscribers.”
Twitter customers who haven’t subscribed to Blue which have enrolled for SMS-based 2FA have time until March 20, 2023, to modify to an alternate methodology equivalent to an authenticator app or a {hardware} safety key.
After this cutoff date, non-Twitter Blue subscribers can have their possibility disabled.
The choice strategies “require you to have bodily possession of the authentication methodology and are an effective way to make sure your account is safe,” Twitter famous.
On condition that SMS has been the least safe type of 2FA, the most recent enforcement is more likely to power folks to maneuver in the direction of safe types of authentication.
In line with Twitter’s personal knowledge, solely 2.6% of all energetic accounts have enabled a minimum of one type of 2FA. SMS accounts for 74.4%, adopted by authenticator apps (28.9%) and safety keys (0.5%).