Twitter in February 2023 announced that text message two-factor authentication (2FA) is set to become a premium feature for Twitter Blue accounts. Here's why the company's logic behind the decision doesn't make any sense from a security perspective, and why you don't need the feature anyway.

Twitter Feature
Twitter has said that it will soon be removing text message-based 2FA from non-paying accounts and turning it into a feature that will only be available to subscribers of its premium Twitter Blue offering, which costs $8 per month. This means that any users who don't pay for a Blue subscription and rely on Twitter to send them an SMS text message code to complete the login process will have the feature turned off and removed from their accounts by March 20. Their account password will become the only barrier to access.

Aside from purely financial reasons (presumably it costs Twitter to send you a text), making text-based 2FA a paid-for perk is an odd decision on Twitter's part.

Twitter has justified the policy change by saying, rightly, that SMS 2FA can be abused by bad actors. And there have indeed been "SIM swap attacks" where hackers convinced cell providers to assign a victim's phone number to a device they control, and by taking control of a person's phone number, the hacker can impersonate the victim, as well as receive text message codes to their account. But making SMS 2FA available only to Twitter Blue subscribers simply makes them more susceptible to attacks of this nature.

Twitter says that it is "committed to keeping people safe and secure on Twitter," and it's true that SMS 2FA is better than no 2FA at all, but its policy does nothing to encourage users to switch to a more secure form of 2FA – perhaps because doing so means paying Twitter absolutely nothing.

Switching to App-Based 2FA is the Solution

Rather than rely on SMS-based 2FA, Twitter users should be using a mobile authentication app, like Duo, Authy, or Google Authenticator, or the password authenticator built-in to iOS. App-based 2FA is a far more secure alternative, as it never leaves your device and doesn't involve you receiving a code sent to your phone via text message.

To use this method to secure your Twitter account, first ensure that you have your authenticator app of choice installed on your iPhone. Then follow these steps:

  1. Launch the Twitter app or log in to the Twitter website.
  2. Go to your account's Settings and privacy, found in the Settings and Support dropdown menu.
  3. Select Security and account access -> Security.
  4. Select Two-factor authentication.
  5. Check the mark next to Authentication app.
  6. Follow the prompts, entering your account password when requested.

twitter 2fa

When you've completed the above steps, you should be able to log in to your Twitter account using your password, accompanied by a code generated by your authenticator app. Just be sure to keep a backup of your codes – if you don't have one and you lose your phone, you'll find it a lot harder to access your 2FA accounts.

Tag: Twitter

Top Rated Comments

contacos Avatar
21 months ago
I kept mine secure by deleting it. You should try it sometime. It’s also great for one’s mental health (sounds more serious than it is). I used to engage with strangers, which always put me in a bad mood afterwards. Now that I deleted it, I am like why did I care what strangers were thinking! So silly
Score: 36 Votes (Like | Disagree)
senttoschool Avatar
21 months ago

I kept mine secure by deleting it. You should try it sometime. It’s also great for one’s mental health (sounds more serious than it is). I used to engage with strangers, which always put me in a bad mood afterwards. Now that I deleted it, I am like why did I care what strangers were thinking! So silly
Now you spend that time engaging with strangers on Macrumors.
Score: 18 Votes (Like | Disagree)
marcinsf Avatar
21 months ago
much easier solution - don't use twitter.
It's free and doesn't cost anything to not use twitter :)
Score: 11 Votes (Like | Disagree)
judgeFire Avatar
21 months ago
In recent OS releases, the Settings > Passwords options include setting up Keychain based 2FA without the need for a third party app. It can also pop up the code when required, if it senses the field in question is for that. The SMS autofill is more consistent, tho
Score: 10 Votes (Like | Disagree)
adammusic Avatar
21 months ago
I feel like nobody knows about iOS built in 2fa.
Score: 9 Votes (Like | Disagree)
andrewxgx Avatar
21 months ago
the fact that twitter is looking at cutting cost of sending auth SMSes is telling you a lot of how bad things are up there
they basically look for spare change between couch cushions
Score: 7 Votes (Like | Disagree)

Popular Stories

Beyond iPhone 13 Better Blue Face ID Single Camera Hole

10 Reasons to Wait for Next Year's iPhone 17

Friday September 13, 2024 2:40 am PDT by
Apple's iPhone development roadmap runs several years into the future and the company is continually working with suppliers on several successive iPhone models simultaneously, which is why we sometimes get rumored feature leaks so far ahead of launch. The iPhone 17 series is no different – already we have some idea of what to expect from Apple's 2025 smartphone lineup. If you plan to skip...
Generic iOS 18 Feature Real Mock

Apple Shares Full List of Over 250 New Features and Changes Coming With iOS 18

Wednesday September 11, 2024 7:16 am PDT by
Following its iPhone 16 event on Monday, Apple shared a PDF on its website with a list of all new features and changes coming with iOS 18. The list includes many features that were already announced, including Apple Intelligence, new customization options for the Home Screen and Control Center, a redesigned Photos app, several enhancements to the Messages app, a Passwords app, and more....
iphone 16 pro models 1

Skipping the iPhone 16 Pro? Here's What's Rumored for iPhone 17 Pro

Wednesday September 11, 2024 8:20 am PDT by
Will you be skipping the iPhone 16 Pro and waiting another year to upgrade? If so, we already have some iPhone 17 Pro rumors for you. Below, we recap key new features rumored for the iPhone 17 Pro models so far: 24MP front camera for all iPhone 17 models: All four iPhone 17 models will feature an upgraded 24-megapixel front-facing camera, according to Apple supply chain analysts Ming-Chi...
iphone 16 pro colors 1

Here's When iPhone 16 Pre-Orders Begin in Every Time Zone

Thursday September 12, 2024 6:12 am PDT by
Pre-orders for the iPhone 16, ‌iPhone 16‌ Plus, iPhone 16 Pro, and ‌iPhone 16 Pro‌ Max are set to begin on Friday, September 13 at 5:00 a.m. Pacific Time, with the new devices set to become available in multiple countries around the world simultaneously. We've compiled pre-order times for various countries to help MacRumors readers be among the first to order. This list isn't...
iphone 16 pro apple intelligence

iPhone 16 Pro and Pro Max Shipping Estimates Extending Into October

Friday September 13, 2024 5:48 am PDT by
Apple began accepting pre-orders for all four new iPhone 16 models today, and shipping estimates for the iPhone 16 Pro and Pro Max on Apple's online store in the U.S. are already beginning to slip into October for many configurations. As of 6:45 a.m. Pacific Time, the iPhone 16 Pro and Pro Max were facing a 2-4 week shipping delay for some configurations on Apple's online store, with...
iphone 16 pro apple intelligence

Apple Intelligence Features Expected to Roll Out in This Order Between iOS 18.1 and iOS 18.4

Friday September 13, 2024 1:01 pm PDT by
iOS 18 will be released to the public on Monday, but the first Apple Intelligence features will not be available until iOS 18.1 is released in October. Apple Intelligence features will continue to roll out in iOS 18.2 and beyond, with the expected roadmap outlined below per Apple's website and rumors. Apple Intelligence requires an iPhone 15 Pro model or any iPhone 16 model, and it will...