Microblogging platform Twitter will limit its message-based two-factor authentication (2FA) to its Blue subscribers beginning March 20. This means that in order to avail the two-factor authentication, users who do not have a Twitter Blue subscription will have to either pay ₹900 or use an authentication app or security key for 2FA.
"Effective March 20, 2023, only Twitter Blue subscribers will be able to use text messages as their two-factor authentication method. Other accounts can use an authentication app or security key for 2FA,” the social media platform said in a tweet.
"To be clear, two-factor authentication is still not required to log into Twitter, although we highly encourage users to enable it. This change just restricts the 2FA methods available for accounts not subscribed to Twitter Blue," it added.
The development comes amidst a slew of changes on the social media platform after Tesla CEO Elon Musk bought it in October last year.
What is two-factor authentication?
According to the microblogging platform, two-factor authentication is an extra layer of security provided by Twitter so that only the user can have access to the respective Twitter account. Instead of only entering a password to log in, the users can also enter a code or use a security key through two-factor authentication. There are three methods to avail of two-factor authentication—through a text message, authentication app, and security key. A code will be generated on the Twitter app on android and iOS devices.
In order to avail of the service, the users will have to be enrolled in two-factor authentication. "While historically a popular form of 2FA, unfortunately, we have seen phone-number-based 2FA be used - and abused - by bad actors. So starting today (February 18), we will no longer allow accounts to enroll in the text message/SMS method of 2FA unless they are Twitter Blue subscribers. The availability of text message 2FA for Twitter Blue may vary by country and carrier," the social media platform said.
According to the social media platform, the non-twitter blue subscribers that are already enrolled will have 30 days to disable this method and enroll in another. After 20 March 2023, the company will no longer permit non-Twitter Blue subscribers to use text messages as a 2FA method. At that time, accounts with text message 2FA still enabled will have it disabled.
"We encourage non-Twitter Blue subscribers to consider using an authentication app or security key method instead. These methods require you to have physical possession of the authentication method and are a great way to ensure your account is secure," the company said.
API behind paywall
Earlier this month, Twitter announced a slew of features on its application programming interface (API) including a paywall for its API beginning February 13. This means that the developers will be charged a certain amount for access to their APIs, so that third-party apps can interact with Twitter. This is part of the Twitter Blue subscription.
"Paid basic access that offers low level of API usage, and access to Ads API for a $100 monthly fee. A new form of free access will be introduced as this is extremely important to our ecosystem – limited to Tweet creation of up to 1,500 Tweets per month for a single authenticated user token, including Login with Twitter," the social media platform has said earlier.
Twitter Blue subscription was launched in December last year for $8 per month on the website, and $11 per month for iOS users via the Apple app store. The subscription is currently available in 15 countries including India, the United States, United Kingdom, Brazil, and Saudi Arabia.