Twitter is about to get less secure for millions of users - here's what you can do

(Image credit: Kovop via Shutterstock)

If you've been following the Twitter saga closely, then you will know that today, March 20, is the day that the social media giant is disabling its two-factor authentication (2FA) via SMS feature for those without a subscription to Twitter Blue.

This is bad enough for individual users, but for businesses the danger is even more pronounced, as it means threat actors can breach enterprise accounts with the firm's login credentials alone, allowing them to besmirch the reputation of the brand by writing malicious tweets or impersonating them in acts of identity theft.

Yesterday was the deadline for switching to a different authentication method for 2FA, such as using an authenticator app to generate your authentication codes instead of a text message. If you failed to change in time, then 2FA will be gone forever now unless you sign up and pay for Twitter Blue. But don't worry, as there are still ways to keep your free Twitter account secure.

Twitter blues

First of all, it is worth mentioning that SMS authentication is considered to be one of the least secure methods. SMS texts can be much more easily intercepted by threat actors in acts of Sim swapping, where criminals manage to port your phone number to their own device so they can see every message you receive.

> These are the best identity theft protection tools for families

> Meta's 2FA security protections could have been switched off with ease

> The journey to passwordless – it's a marathon, not a sprint

Even without any form of 2FA or multifactor authentication (MFA) in place, you can still improve your security posture in other ways. Having a strong password is a must - one that avoid obvious phrases such as 'password1234' and the like. You'd be surprised how many prominent businesses still use these.

What puts people and business off creating strong passwords, however, is that their complexity makes them hard to remember, especially if you adhere to the other recommended practice of creating a unique password for every account you have.

This is where password managers come in. They take care of creating and storing your strong passwords for you, so there's no need to commit them to memory. Enterprises will want to take advantage of the features offered by the best business password managers, as these allow for multiple users to safely and securely store and use all the passwords used by your organization.

Good password managers will also let you know if your credentials have been leaked in any data breach, so if Twitter were to succumb to an attack, then they should let you know and give you the chance to change your password immediately. Although an organization as big as Twitter should let users know directly if they've been affected by a breach. Under Elon Musk's tenure, however, anything is possible it seems.

Here are the best security keys to take your MFA to the next level

Lewis Maddison is a Reviews Writer for TechRadar. He previously worked as a Staff Writer for our business section, TechRadar Pro, where he had experience with productivity-enhancing hardware, ranging from keyboards to standing desks.

His area of expertise lies in computer peripherals and audio hardware, including speakers and headphones, having spent over a decade exploring the murky depths of audio production and PC building. He also revels in picking up on the finest details and niggles that ultimately make a big difference to the user experience.

Latest

Intel quietly launched mysterious new AI CPU that promises to bring deep learning inference and computing to the edge — but you won't be able to plug them in a motherboard anytime soon

See more latest ►

Twitter blues

Are you a pro? Subscribe to our newsletter

Most Popular