Twitter users were given an ultimatum from the social media app on Saturday morning: sign up for the platform’s new premium service or lose a popular account security feature.
A pop-up message warned users that they will lose the ability to protect their accounts via two-factor authentication via text unless they pay $8 per month to subscribe to Twitter Blue.
The message said that, starting March 19, users who do not subscribe will not be able to access their accounts until they remove the security feature.
Here are some questions and answers about why Twitter made this change and alternative ways to protect your account:
WHAT IS TWO FACTOR AUTHENTICATION?
Two-factor authentication adds a second layer of security to password-protected accounts by having users enter an automatically generated code to log in.
This extra step helps protect online accounts because in addition to the password, you need access to a separate app, device, or phone number where you can receive the code.
Such codes can be generated by applications such as Microsoft Authenticator or Google Authenticator. Or they can be sent to a user’s smartphone via text message.
It’s text-based two-factor authorization that Twitter now restricts to Twitter Blue subscribers only.
WHY IS TWITTER DOING THIS?
In a blog post Wednesday, the San Francisco-based company acknowledged that the text-based security method has historically been popular with its users, but said the feature is being “used and abused by bad actors.”
The company did not respond early Saturday to an email seeking more details about how the security method was being abused.
Elon Musk, who completed his $44 billion acquisition of Twitter in October, has been trying to figure out how to maximize profits at the company.
One of them is Twitter Blue, which, among other features, allows anyone to pay for verification that was previously reserved for celebrities, journalists, and other well-known people.
In its blog, Twitter encouraged users who are not signing up for Twitter Blue to consider using alternative account security options, specifically an authenticator app or security key.
These methods require you to have physical possession of the authentication method and are a good way to ensure that your account is secure.
WHAT ARE THE OTHER OPTIONS TO SECURE MY TWITTER ACCOUNT?
An authenticator app or security key will also add a layer of account security beyond just a password.
A security key is a small, portable device that generates a set of random numbers that you enter when prompted when logging into an online account.
An authenticator app uses the same approach, but instead of a separate physical device, the app is on your phone.
To set up an authenticator app to protect your Twitter account, you’ll need to download one of several apps available on your device. They are free in the Apple or Android app stores. If you’d rather not use Google or Microsoft Authenticator, there are other options, including Authy, Duo Mobile, and 1Password.
Once you have the app, open the desktop version of Twitter and click the icon that shows an ellipsis in a circle. There, you will find "Settings and privacy"then "Security and account access" and finally, "Security". Here, you can select "authenticator app" and follow the instructions to set it up. Twitter will ask you to share your email address to do this, if you haven’t already.
Once you’re all set, you can use the automatically generated numeric codes from your authenticator app to add an extra layer of security when signing in to Twitter.