We all know that having two-factor authentication on any important account is critical to keeping your account secure. And despite the fact that in the social network recently acquired by Elon Musk this option was available (properly) the situation is about to change. Especially now that said function will be behind a “paywall”. We will have to pay a certain amount of money in order to protect our account. Although there are alternatives to protect a Twitter account without having to pay Bluefor free, as it should be.
Luckily, SMS 2FA is not the only way we have to keep our Twitter account protected, there are still other methods that are free, we hope they last a little longer. However, what we must consider is that the ban on the use of this function, at least for non-premium users, is a relatively positive thing, since this function should not be used in the first place.
And let’s be honest, although it seems safe and we do not deny that it is to a large extent, it also leaves us exposed to possible vulnerabilities for SIM swapping attacks. What usually happens when a malicious actor uses social engineering or other access to your mobile carrier reassigns our phone number to them.
When the hacker gains access to our phone number, they are able to intercept the verification codes we receive through text messages or phone calls, allowing them to log in before we do.
Twitter plans to disable two-factor authentication via SMS for non-paying users on March 19. But it won’t replace it with another method, it will just disable it. So let’s see how to add another method to keep our account safe.
How to protect my Twitter account without Blue? What other options do we have?
We may also use an authenticator application or security key as an additional layer of protection when logging in. Authenticator apps, such as Google Authenticator either Microsoft Authenticator, they generate one-time passwords that are changed after a short period of time. In the same way that happens with verification SMS, we can use these codes to enter our accounts; although these codes are found in the app, not in the SMS.
While the solution proposed by these apps is not invulnerable to hackers, it is still more secure than SMS 2FA.
As for security keys, they are one of the most secure forms of 2FA because the key itself verifies that the service is valid to help prevent phishing, and is definitely more convenient than copying a code. But this method is more complex, since it requires us to buy a physical piece of hardware that we will connect to the phone or computer.
The way in which the key is used will depend on what we buy, since some come with support for USB-C, USB-A and Lightning, while others allow NFC. We also find many key security brands, such as Yubico’s that have full compatibility with Twitter.
Enable the authenticator app on Twitter
But let’s go back to the simplest, to what is in everyone’s hands: the authenticator application. It is a good choice to protect our account.
- We open the website of the platform (we cannot use the Twitter app to configure the application).
- We will click on the three-point icons found on the left sidebar of the screen, select Settings and support> Settings and privacy.
- Next, we are going to click Security and account access> Security> Two-factor authentication.
- Here we will have to choose Authentication application and we will enter our password in case it is requested.
- Click on Start to start the process and we will see a QR code on the screen.
- Now it will be when we open the authenticator application on our device, we choose to scan the QR code of the app and this will link the account with the authenticator app.
- When we’re done, we’ll go back to Twitter. Press Next and enter the code generated by our application, then Confirm.
- On the next screen, we will see a one-time use Twitter backup code. We will have to keep it in an extremely secure place in case we lose our phone or the authenticator application.
And basically, that would be it. This way we can still keep our account safe and free.