Twitter is about to get less secure for millions of users - here's what you can do

Elon Musk in front of the Twitter logo
(Image credit: Kovop via Shutterstock)

If you've been following the Twitter saga closely, then you will know that today, March 20, is the day that the social media giant is disabling its two-factor authentication (2FA) via SMS feature for those without a subscription to Twitter Blue.

This is bad enough for individual users, but for businesses the danger is even more pronounced, as it means threat actors can breach enterprise accounts with the firm's login credentials alone, allowing them to besmirch the reputation of the brand by writing malicious tweets or impersonating them in acts of identity theft.

Yesterday was the deadline for switching to a different authentication method for 2FA, such as using an authenticator app to generate your authentication codes instead of a text message. If you failed to change in time, then 2FA will be gone forever now unless you sign up and pay for Twitter Blue. But don't worry, as there are still ways to keep your free Twitter account secure.

Twitter blues

First of all, it is worth mentioning that SMS authentication is considered to be one of the least secure methods. SMS texts can be much more easily intercepted by threat actors in acts of Sim swapping, where criminals manage to port your phone number to their own device so they can see every message you receive. 

Even without any form of 2FA or multifactor authentication (MFA) in place, you can still improve your security posture in other ways. Having a strong password is a must - one that avoid obvious phrases such as 'password1234' and the like. You'd be surprised how many prominent businesses still use these

What puts people and business off creating strong passwords, however, is that their complexity makes them hard to remember, especially if you adhere to the other recommended practice of creating a unique password for every account you have. 

This is where password managers come in. They take care of creating and storing your strong passwords for you, so there's no need to commit them to memory. Enterprises will want to take advantage of the features offered by the best business password managers, as these allow for multiple users to safely and securely store and use all the passwords used by your organization.  

Good password managers will also let you know if your credentials have been leaked in any data breach, so if Twitter were to succumb to an attack, then they should let you know and give you the chance to change your password immediately. Although an organization as big as Twitter should let users know directly if they've been affected by a breach. Under Elon Musk's tenure, however, anything is possible it seems.  

Lewis Maddison
Staff Writer

Lewis Maddison is a Staff Writer at TechRadar Pro. His area of expertise is online security and protection, which includes tools and software such as password managers. 


His coverage also focuses on the usage habits of technology in both personal and professional settings - particularly its relation to social and cultural issues - and revels in uncovering stories that might not otherwise see the light of day.


He has a BA in Philosophy from the University of London, with a year spent studying abroad in the sunny climes of Malta.