Twitter to charge users to secure accounts via text message

The company believes phone-number-based 2FA is being abused by "bad actors"

(Reuters) - Twitter said on Friday it will allow only paid subscribers to use text messages as a two-factor authentication (2FA) method to secure their accounts.

After March 20, "only Twitter Blue subscribers will be able to use text messages as their two-factor authentication method," the company tweeted.

Effective March 20, 2023, only Twitter Blue subscribers will be able to use text messages as their two-factor authentication method. Other accounts can use an authentication app or security key for 2FA. Learn more here:https://t.co/wnT9Vuwh5n

— Twitter Support (@TwitterSupport) February 18, 2023

Two-factor authentication, meant to make accounts more secure, requires an account holder to use a second authentication method in addition to a password. Twitter allows 2FA by text message, authentication app and a security key.

The company believes phone-number-based 2FA is being abused by "bad actors," according to a Wednesday blog post that the company's tweet linked to.

Twitter owner Elon Musk tweeted "Yup" in reply to a user tweet that the company was changing policy "because Telcos Used Bot Accounts to Pump 2FA SMS," and that the company was losing $60 million a year "on scam SMS."

Yup

— Elon Musk (@elonmusk) February 18, 2023

The blue check mark, previously free for verified accounts of politicians, famous personalities, journalists and other public figures, is now open to anyone prepared to pay.