Tech

How to keep your Twitter secure without giving Elon Musk any money TechCrunch

late on fridayTwitter has announced a new policy that will remove two-factor authentication in text messages (2FA) from any account that doesn’t pay for it.

In a blog post, Twitter said it will only allow paid subscription accounts Blue Twitter features using 2FA based on text messages. Twitter users who do not switch to the other type of two-factor authentication will have the feature removed from their accounts by March 20.

That means anyone who relies on Twitter sending a text message code to their phone to log in will have 2FA turned off, allowing anyone to access their account with just a password. If you have an easy-to-guess Twitter password or use the same password on another website or service, you should act as soon as possible.

Twitter claims it’s “committed to keeping everyone safe and secure on Twitter.” This is not the truth. Instead, you’re looking at one of the dumbest security decisions made by a company in real time.

For unknown reasons, this new 2FA policy, first revealed by Platformer’s Zoë Schiffer and later confirmed by Twitter, was established. Since Elon Musk’s $44 billion acquisition, Twitter has cash bleeding And workers. It is likely that the move to remove SMS 2FA is to save the company money, since sending text messages is not cheap. We wanted Twitter to comment, but Musk fired his entire communications team.

Twitter justifies the decision in its blog post, saying that SMS 2FA can be abused by bad guys. This may refer to SIM Swapping Attack, in which the hacker convinces your mobile carrier to assign the victim’s phone number to a device controlled by the hacker. By taking control of a person’s phone number, hackers can impersonate the victim — as well as receive text message codes that can allow hackers to gain access to the victim’s online accounts. But just offering 2FA SMS to Twitter Blue subscribers doesn’t keep paying users protected from SIM-swapping attacks. If anything, by incentivizing paid users to rely on SMS 2FA, their Twitter accounts will be more susceptible to takeover if their phone numbers are taken over.

As noted above — and this is very important — SMS 2FA still provides much better protection for your account than not using 2FA at all. But Twitter’s new policy is not a way to encourage users to use 2FA more safely. In fact, companies like Mailchimp take the opposite (but correct) approach by encourage users to enable 2FA by discounting the customer’s monthly bill.

The silver lining – if we can call it that – is that Twitter doesn’t get rid of 2FA entirely. You can still protect your account with powerful 2FA without paying Elon Musk a dime.

Regardless of whether you give up your Twitter account in favor or not alternative, decentralized services like Mastodon And othersyou still want to take action by March 20 to protect your account in case someone breaks in and starts tweeting on your behalf.

Instead of using a 2FA code sent via text message, you need an app-based 2FA, which is much more secure and as fast as receiving a text message. (Many online sites, services, and apps also offer app-based 2FA.) Instead of sending a code to your phone via text message, you can generate a code through a phone authenticator app. your phone — like Duo, Authy or Google Authenticator to name a few. This is a lot more secure because the code never leaves your device.

screenshot of Twitter's two-factor authentication settings

Image credits: TechCrunch (screenshot)

To set up this feature, make sure you have an authenticator app installed on your phone first. Go to your Twitter account, then go to Settings and PrivacyLater Security and account accessLater Protect. Once you are on Two-factor authentication settings, then select authentication app. Follow the prompts carefully — you may have to enter your account password to get started. Once done, you’ll be able to sign in with your password followed by a code generated from your authenticator app.

Remember, since this is a much more secure way of accessing your Twitter account, it means that if you lose your phone it will be very difficult to access your account again. That’s why you should write down your backup codes, which give you access to your account if you’re locked out, stored securely in your account. password manager. You can find your backup code in the same place you set up your app-based 2FA.




Source by [author_name]

news7h

News7h: Update the world's latest breaking news online of the day, breaking news, politics, society today, international mainstream news .Updated news 24/7: Entertainment, Sports...at the World everyday world. Hot news, images, video clips that are updated quickly and reliably

Related Articles

Back to top button
Immediate Peak