If you’ve logged into Twitter lately, you might have got a pop-up message warning you that things are changing. Specifically, Twitter is changing how users can log in more securely.
Until now, you had three options for adding two factor authentication – another security layer – to your Twitter account. You could get a code texted to your mobile phone, have one generated through an authenticator app, or use a security key that inserts into your computer or syncs with your mobile device when you want to log in to a new device.
Using two-factor authentication has become standard for online accounts to protect your private data and make it harder for unauthorised parties to gain access. If you need to know more about two-factor – or multifactor – authentication, you can read more on it here.
But from next month, Twitter will no longer offer two-factor authentication through text message – unless you are paying for Twitter Blue, the company’s subscription option that brings the blue badge and some other extra features to those willing to pay. But it is only available in certain countries still, and that doesn’t include Ireland.
File being prepared for DPP over insider trading
Christmas tech for kids: great gift ideas with safety features for parental peace of mind
MenoPal app offers proactive support to women going through menopause
Ezviz RE4 Plus review: Efficient budget robot cleaner but can suffer from wanderlust under the wrong conditions
Just to make things clear: Twitter’s decision doesn’t mean that you can’t use the enhanced security feature at all; it just means that you have to use an authenticator app or security key instead.
[ Wanted: someone ‘foolish enough’ to succeed Elon Musk as Twitter bossOpens in new window ]
So why is Twitter doing this?
It seems to be financially motivated, rather than giving Twitter Blue subscribers any real advantage. According to Twitter’s new owner Elon Musk, it is costing the platform $60 million (€56 million) a year in what he claims are scam messages.
For context, Twitter’s first interest payment to the banks after Musk borrowed billions to buy the platform was rumoured to be in the region of $300 million, and will add up to $1.2 billion over the year.
Irish jewellery designer Chupi: 'The divorce ring is a whole new category'
But regardless of the legitimacy of that claim, SMS is considered the least secure form of two-factor authentication offered by the platform for a number of reasons.
Scammers can gain access to numbers through a SIM swap, which is where they hijack numbers with enough information to have the network redirect the number to another device.
Messages can be intercepted too, either because they are being synced over multiple devices, including a tablet, or through flaws in the mobile network itself. And since SMS is not encrypted, anyone who manages to intercept them has free access to the information they contain.
If you need to find a new two-factor authentication method, what are your options?
The easiest way is to use an authentication app such as Google Authenticator, 1Password, Microsoft Authenticator, Authy or Duo Mobile. If you are an iPhone user, the password manager in iOS will also allow you to generate codes.
The easiest way to set up your app of choice is to open Twitter on your desktop or another device, and use your mobile device to set up two-factor authentication.
Go to Settings & Support> Settings & Privacy and choose Security and Account Access>Two Factor Authentication. Choose Authenticator app, and the site will generate a QR code you can scan to add Twitter to your app.
[ Twitter risks EU ire over incomplete disinformation reportOpens in new window ]
If you can’t access a second device or the code doesn’t work, you can add the account manually. When the QR code is generated, click Can’t Scan QR Code. That will generate a text code that you can copy and add to the authenticator app, along with the email address you use to log in to Twitter.
Once you are set up, you’ll need access to your authenticator app to log in to your Twitter account on a new device, keeping your social media secure and all without having to hand over $8 a month to Elon Musk.