Millions of Twitter users today are being urged to check settings – ‘dangerous’ app change will leave you unprotected

MILLIONS of Twitter users have been urged to check their settings now or risk having their accounts hacked.

Twitter announced last month that it would be disabling SMS-based two-factor authentication (2FA) for all users except Twitter Blue subscribers.

1

Twitter Blue is Twitter’s paid service that starts at $8 per month or $84 per year.

“After March 20, 2023, we will no longer allow non-Twitter Blue subscribers to use text messaging as a 2FA method,” the company said in a blog entry.

“At this point it will be disabled for accounts that still have SMS 2FA enabled,” they added.

What is SMS 2FA?

Most smartphone users rely on two-factor authentication, also known as 2FA, to secure their online accounts.

2FA protects your accounts by requiring an extra layer of verification before signing in – e.g. B. a text confirmation (SMS).

The tech giant, which was bought by billionaire Elon Musk in October 2022, called SMS-based 2FA “historically popular”.

“Unfortunately, we’ve seen phone number-based 2FA used – and abused – by bad actors,” they added.

However, many cybersecurity experts believe Twitter’s move will leave many users unprotected.

Michael Crandell, CEO of password manager company Bitwarden, told The US Sun: “SMS users are likely to be hit the hardest, which is unfortunate as it reduces security for those users.”

Still, there are ways for users to protect their accounts now that Twitter has disabled SMS 2FA.

“Bitwarden recommends that users choose an authentication application instead of SMS,” Crandell said.

“Big companies offer apps like Google Authenticator, Microsoft Authenticator or Twilio Authy,” he added.

Some authenticators preferred by Bitwarden are Raivo on iOS and Aegis on Android.

The company also offers a built-in authenticator on every paid plan, starting at just $10 per year.

“This allows for an extremely convenient bundling of your 2FA into your password manager,” Crandell said.

Twitter users who own iPhones can also use Apple’s built-in 2FA tool, which the company describes on its page website as “an extra layer of security” designed to “ensure that you’re the only person who can access your account, even if someone knows your password.”

The feature is useful for protecting apps that contain sensitive information (such as banking or investment information) and can also help protect you from identity and phishing scams.

How to activate Apple’s authenticator

To enable Apple’s built-in authenticator, first go to Settings on your iPhone and then select Passwords.

Use Face ID or Touch ID to access your passwords, then tap the account you want to set up 2FA for.

It is important to note that this 2FA method does not work with every website or app.

Then click Set up verification code. You will see a menu with two options: enter setup key and scan QR code.

If you choose setup keys, go to the app’s or website’s page and copy their setup key.

Just paste the code into your iPhone’s “Settings Setup Key” field, then tap “OK.”

If you choose the QR code option, you will need to look in the settings of that service/website and then scan it.