'Twitter to charge users for text-message authentication' diff viewer (0/1)

This article is from the source 'bbc' and was first published or seen on February 20, 2023 20:12 (UTC). It last changed over 40 days ago and won't be checked again for changes.

You can find the current article at its original source at https://www.bbc.co.uk/news/technology-64678260

The article has changed 2 times. There is an RSS feed of changes available.

Previous version 1 Next version

Previous version 1 Next version

Version 0	Version 1
Twitter to charge users for text-message authentication	Twitter to charge users for text-message authentication
2023-02-20 20:12:20 UTC	2023-03-28 09:31:16 UTC (about 1 month later)
Twitter is removing text-message two-factor authentication (2FA) for non-subscribers.	Twitter is removing text-message two-factor authentication (2FA) for non-subscribers.
By double-checking the identity of the person logging in, 2FA lets users to add an extra layer of security to their online accounts, beyond passwords.	By double-checking the identity of the person logging in, 2FA lets users to add an extra layer of security to their online accounts, beyond passwords.
Common methods include texting users a code or using an authenticator app.	Common methods include texting users a code or using an authenticator app.
But on Saturday, the Twitter Support account tweeted only Twitter Blue subscribers would be able to use text-message authentication from 20 March.	But on Saturday, the Twitter Support account tweeted only Twitter Blue subscribers would be able to use text-message authentication from 20 March.
Some text-message 2FA users also received an in-app alert telling them to remove the method before the deadline to avoid losing access to their account.	Some text-message 2FA users also received an in-app alert telling them to remove the method before the deadline to avoid losing access to their account.
Twitter owner and chief executive Elon Musk tweeted its authenticator app, which would remain free, was more secure.	Twitter owner and chief executive Elon Musk tweeted its authenticator app, which would remain free, was more secure.
Twitter had been "scammed" by phone companies and was paying more than $60m (£49m) a year for "fake 2FA SMS messages", he told a critic of the move.	Twitter had been "scammed" by phone companies and was paying more than $60m (£49m) a year for "fake 2FA SMS messages", he told a critic of the move.
~~Use~~ of ~~free~~ ~~authentication~~ ~~apps~~ ~~for~~ ~~2FA~~ ~~will~~ ~~remain~~ ~~free~~ ~~and~~ ~~are~~ ~~much~~ ~~more~~ ~~secure~~ ~~than~~ ~~SMS~~ ~~https://t.co/pFMdxWPlai~~	Allow Twitter content?
	This article contains content provided by Twitter. We ask for your permission before anything is loaded, as they may be using cookies and other technologies. You may want to read Twitter’s cookie policy, external and privacy policy, external before accepting. To view this content choose ‘accept and continue’.
Twitter blogged "bad actors" had abused the method.	Twitter blogged "bad actors" had abused the method.
"We encourage non-Twitter Blue subscribers to consider using an authentication app or security-key method instead," it said.	"We encourage non-Twitter Blue subscribers to consider using an authentication app or security-key method instead," it said.
"These methods require you to have physical possession of the authentication method and are a great way to ensure your account is secure."	"These methods require you to have physical possession of the authentication method and are a great way to ensure your account is secure."
But security expert Rachel Tobac tweeted the move was "nerve-wracking", citing a Twitter report published in July 2022 showing only 2.6% of active Twitter accounts had 2FA turned on between July 2021 to December 2021 but of those:	But security expert Rachel Tobac tweeted the move was "nerve-wracking", citing a Twitter report published in July 2022 showing only 2.6% of active Twitter accounts had 2FA turned on between July 2021 to December 2021 but of those:
74.4% were using the text-message method.	74.4% were using the text-message method.
28.9% were using an authentication app	28.9% were using an authentication app
"All of us in security want folks to use a great form of [multi-factor authentication] to protect their account," Ms Tobac tweeted, "but auto-unenrolling users who already signed up for SMS 2FA, because they didn't pay, just opens them up to risk."	"All of us in security want folks to use a great form of [multi-factor authentication] to protect their account," Ms Tobac tweeted, "but auto-unenrolling users who already signed up for SMS 2FA, because they didn't pay, just opens them up to risk."
Experts have warned SMS 2FA can be less secure than authenticator apps.	Experts have warned SMS 2FA can be less secure than authenticator apps.
But it remained popular because it was easy to use, Prof Alan Woodward, of the University of Surrey, said.	But it remained popular because it was easy to use, Prof Alan Woodward, of the University of Surrey, said.
"I'd rather people used something rather than nothing, which might well be what the less tech savvy are tempted to do," he told BBC News.	"I'd rather people used something rather than nothing, which might well be what the less tech savvy are tempted to do," he told BBC News.
"I sympathise that Elon Musk is trying to drive cost out of the business but choosing to effectively discourage 2FA for many users seems a dreadfully short-sighted false economy."	"I sympathise that Elon Musk is trying to drive cost out of the business but choosing to effectively discourage 2FA for many users seems a dreadfully short-sighted false economy."
Related Topics	Related Topics
Social media	Social media
Elon Musk	Elon Musk
Twitter	Twitter
Cyber-security	Cyber-security