3 minute read

Twitter Removed a Security Measure, But You Have Alternatives

Summary: Twitter has eliminated text message-based two-factor authentication—a common security protection—for free accounts. Fortunately, there are options offering better protection against account takeovers and identity theft. Here’s an overview of the two main alternatives, as well as tips for protecting your privacy and identity on social media and beyond.

Protect your online accounts, including Twitter, with these multi-factor authentication steps

Twitter Two Factor Authentication

It’s become increasingly common for online accounts to encourage or require users to set up multi-factor authentication. This security measure helps to confirm your identity by asking you to take two or more actions in order to successfully log in.

One of the most common security measures is text message-based two-factor authentication (SMS 2FA). When you create an online account, you’re asked to provide your mobile number. Then, whenever you log in and enter a password, the site sends a temporary code to your phone via text message, and you’re asked to input the code in order to complete the log-in. By taking these two steps—first entering your password, then entering the one-time mobile code—you’ve verified your identity.

Earlier this year, Twitter announced that it would be removing SMS 2FA that it would be removing SMS 2FA as a form of authentication for any user with a free account. The social media giant explained its decision by stating, “While historically a popular form of 2FA, unfortunately we have seen [SMS 2FA] be used—and abused—by bad actors.” Although experts agree that SMS 2FA can be exploited by cybercriminals, Twitter’s explanation was puzzling given that the company has kept SMS 2FA in place for users with a paid Twitter Blue subscription.

Regardless, if you’re a Twitter user and you’re looking to keep your account protected, you can find alternatives to SMS 2FA—ones that are demonstrated to be even more secure. Here are your options, along with broader advice on how to keep yourself safe in your digital life, including social media.

Enhance account safety with an authenticator app or security key

Your safest bet for multi-factor authorization is to install an authenticator app such as Google Authenticator, Microsoft Authenticator, Authy, or 2FA Authenticator. Most are available for free. When linked to your online accounts, an authenticator app generates its own verification codes in the app itself. No phone numbers are involved, so there’s less of an opportunity for cybercriminals to hijack the process and steal your personal information via a scam called SIM swapping.

Another good alternative is a physical security key such as Yubico YubiKey. (This isn’t free; you’d need to purchase it.) After linking the key to your online accounts, you either scan the key to your phone or plug it into a USB port as an extra measure of verification when logging into your accounts. According to Yubico, “this physical layer of protection prevents many account takeovers that can be done virtually.” If scammers wanted to access your account, they’d need to possess the key itself.

Once you’ve downloaded an authenticator app or purchased a security key, go to your security settings in Twitter—or any other site or app for which you’d like to add safety—and link the authenticator app or key to your account.

A comprehensive way to help prevent hacking and fraud

Whether or not you choose to activate multi-factor authentication on your accounts, it’s a good idea to strengthen the security of your passwords. And if you’re active on social media platforms like Facebook and Twitter, it’s worthwhile to carefully monitor your accounts for suspicious activity.

It’s easy to do both of those things and more as a member of IDX Complete. This comprehensive privacy and identity protection plan offers advanced tools including SocialSentry, which automatically monitors your social accounts for signs of hacking, fraud, and inappropriate content; and Password Manager, which generates random, hard-to-hack passwords for all of your online accounts and stores them in a single encrypted spot.

Should you become victimized by identity theft, you’ll be supported with continuous monitoring of your credit report and credit score; identity theft insurance covering reimbursement costs for eligible expenses up to $1 million; and access to IDX’s team of recovery experts.

While Twitter may have taken away a common security measure for its free users, the good news is that more effective alternatives exist. Add multi-factor authentication to your accounts, and protect yourself on social media and beyond with a full privacy and identity protection plan.


About IDX

We're your proven partner in digital privacy protection with our evolving suite of privacy and identity products.