Twitter Implements New Restrictions On SMS-Based 2FA: Implications For Users

Twitter Implements New Restrictions On SMS-Based 2FA: Implications For Users
Twitter Implements New Restrictions On SMS-Based 2FA: Implications For Users


The most famous and popular App in the world Twitter announced that it would not support SMS Two-factor authentication for users that are not for blue tick subscriptions. The user who didn’t buy the subscription of blue tick subscription will no longer enjoy the feature of Two Factor SMS Authentication.


In 2022, the owner of Twitter Elon musk Announced plans for paid Twitter verification and he wants people to pay $20 to get a subscription to Twitter blue tick and membership of Twitter.

Twitter stop the SMS 2FA Feature:

Twitter stop the SMS 2FA Feature

After 20th March 2023, the account of the users that are using 2FA and did not buy the subscription of blue tick will be disabled. After this date, the user will no longer be able to use this feature in their account. At that time the option of two factors in the accounts will be disabled.

There is a report on account security that is released on the internet and shows the data between July 2021 and December 2021. The report states that the ratio of using 2FA is 2.6% and 74.4% of people are using SMS two-factor. The remaining 28.9% of people use authentication apps and 0.5% use hardware security keys.


Elon Musk tweeted on Twitter:

Elon Musk tweeted on Twitter

Musk wrote in his post that the popular app Twitter will lose $60 Million because of the fake 2FA SMS messages. He later said that the authentication apps are safer as compared to two-factor authentication. SMS factors are the risk of SIM swapping attacks on different mobile devices.

Don’t worry if you don’t know about the SIM Swapping attacks then I will tell you. SIM Swapping happens when the threat actor takes the control of his or her target mobile number by tricking or bribing the career employees to assign the numbers to the attacker-controlled SIM cards.

This will allow the threat actors to use their mobile numbers on their own used devices, take the victim’s SMS texts, and include SMS multi-factor authentication (MFA) codes. In Addition, they also log in to the accounts that use a phone number which is part of the credentials.


If you are not considering buying a subscription to blue tick then you have two options. Either you can use a security key or authentication app as your 2FA authentication method.

Possible impact for users outside of the US:

Some security options are not available in many parts of the world. Ireland reporter Gavan Reilly tweeted that the blue tick feature of Twitter is not available in his country yet. So there is no option to maintain the current security option.

The countries in which Blue ticks exist are Australia, New Zealand, Canada, the UK, Japan, France, Germany, Italy, India, Brazil, Indonesia, Portugal, and Spain. Twitter said that they are planning to expand this feature in many other countries. 


The Popular Company stop supporting the two-factor authentication Feature in their apps. After 20th March 2023, the company will disable those accounts that don’t buy the subscription of Blue tick.

You Might Also Like: Watch Your Favorite Sports Anywhere: PSL Live Streaming