Twitter to charge $8 a month for SMS two-factor authentication, and 75% of users are at risk

Toggle sidebar Toggle sidebar
Just_Me_D

Just_Me_D

Ambassador Team Leader, Senior Moderator
Moderator
Jan 8, 2012
58,436
313
83
Nothing to report here. Unless you’re a Twitter Blue subscriber, nothing has changed.
 
Ed7789

Ed7789

Ambassador
Mar 10, 2012
3,073
161
63
Just_Me_D said:
Nothing to report here. Unless you’re a Twitter Blue subscriber, nothing has changed.
Click to expand...

I’m kind of confused on the statement. I would argue that it’s IF you’re a Twitter Blue subscriber that nothing changed.

Above notwithstanding, SMS 2FA is poor, security-wise, so no big loss there.
 
Up_And_Away

Up_And_Away

Well-known member
Aug 27, 2021
1,215
46
48
I don’t use Twitter, FB etc. No offense intended to anyone but IMHO it’s an impulse baiting-thought killing echo chamber toxifying society.
Be that as it may, maybe I don’t get the issue on this item. In 2023 there is an MFA that does not include the option of cell phone text code?
 
Up_And_Away

Up_And_Away

Well-known member
Aug 27, 2021
1,215
46
48
Ed7789 said:
I’m kind of confused on the statement. I would argue that it’s IF you’re a Twitter Blue subscriber that nothing changed.

Above notwithstanding, SMS 2FA is poor, security-wise, so no big loss there.
Click to expand...

No offense intended Ed but that’s just not true. SMS text option for 2FA is not “poor” security wise. It isn’t an authenticator app but it’s many country miles from poor. We have been using it frequently as part of 2FA (when SSO isn’t applicable) it nearly wiped out users getting their accounts logged into by nefarious sources.
 
Ed7789

Ed7789

Ambassador
Mar 10, 2012
3,073
161
63
Up_And_Away said:
No offense intended Ed but that’s just not true. SMS text option for 2FA is not “poor” security wise. It isn’t an authenticator app but it’s many country miles from poor. We have been using it frequently as part of 2FA (when SSO isn’t applicable) it nearly wiped out users getting their accounts logged into by nefarious sources.
Click to expand...

It is better than none, on that I agree.

However, allow me to share this report by the USA’s NIST: https://pages.nist.gov/mobile-threat-catalogue/authentication-threats/AUT-0.html

In particular, the “Mobile Device User” paragraph (emphasis mine):
To mitigate an attacker’s ability to achieve authentication using a stolen credential, when possible, configure services to use multi-factor authentication. Ideally, the additional factor should be provided by a separate device than the one being used to perform primary authentication (e.g., laptop and mobile app). Further, avoid the use of SMS messages for 2FA codes, as SMS messages can be readily intercepted.
Click to expand...
 
You must log in or register to reply here.

Similar threads

iMore.com
iPhone users will pay more for Twitter Blue thanks to Apple
Replies
19
Views
969
iMore.com News Discussion & Contests
Travons
Travons
iMore.com
Elon Musk pitches Twitter Blue, including verification, for $8 per month
Replies
5
Views
316
iMore.com News Discussion & Contests
Wotchered
Wotchered
iMore.com
Twitter users furious over plans to charge $20 a month for verification and remove ticks if you don'
Replies
0
Views
188
iMore.com News Discussion & Contests
iMore.com
iMore.com
iMore.com
Apple changed how 2FA SMS codes look for better security
Replies
0
Views
333
iMore.com News Discussion & Contests
iMore.com
iMore.com
iMore.com
Users furious as Twitter announces it's killing TweetDeck app for Mac
Replies
0
Views
245
iMore.com News Discussion & Contests
iMore.com
iMore.com

Latest posts

Trending Posts

Staff online

Members online

Total: 350 (members: 9, guests: 341)

Forum statistics

Threads
255,890
Messages
1,747,623
Members
440,991
Latest member
Moraandrew

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom