X, previously known as Twitter, has made a significant change to one of their account security features. SMS 2FA, a widely used two-factor authentication method, is a common way to secure accounts or profiles, and it has traditionally been provided for free by many websites and applications. However, X has decided to lock this feature behind a paywall, citing that misuse of SMS 2FA was costing the company millions. Users must now subscribe to X’s premium plan to access this convenient security layer.
SMS 2FA works by adding your phone number to your account, so when you log in, a message is sent to your number with a code to enter into your account. This adds an important layer of security, as it helps verify your identity using your personal phone number. If someone else gains access to your password and attempts to log in, they will be blocked because they don’t have access to your phone or messages.
This form of 2FA is popular across many platforms and is typically offered for free, as other platforms also prioritize the security of your account and data.
X's decision doesn’t imply that they don’t care about security. According to a statement by X, the company made this change because the SMS 2FA feature was being misused, leading to substantial costs. Despite this, X still offers two other free MFA (Multi-Factor Authentication) options: an authenticator app and a security key. While these alternatives might not be as straightforward or commonly used as SMS 2FA, they are actually more secure and are highly recommended.
Although X has made SMS 2FA a paid feature, it's important to note that this method is considered the weakest among the available authentication options. While this move might save the company money, it may need to be reconsidered given its popularity and ease of use, to ensure users aren’t discouraged from protecting their accounts.
Reference
X corporation. (February 15th, 2023). An update on two-factor authentication using SMS on Twitter. X Blog. https://blog.x.com/en_us/topics/product/2023/an-update-on-two-factor-authentication-using-sms-on-twitter
Comments