Twitter users in Kenya and around the world woke up to the message captured in the image below (keep scrolling) informing them that they needed to be subscribers to Twitter’s premium tier, Twitter Blue, in order to use the platform’s two-factor authentication feature.
The move, Twitter has since explained, the reasons why:
“While historically a popular form of 2FA, unfortunately we have seen phone-number based 2FA be used – and abused – by bad actors. So starting today, we will no longer allow accounts to enroll in the text message/SMS method of 2FA unless they are Twitter Blue subscribers. The availability of text message 2FA for Twitter Blue may vary by country and carrier,” Twitter notes in an update.
Twitter’s statement makes reference to the options that users of its two-factor authentication feature who are not subscribed to Twitter Blue and either have no interest or immediate plans to do so or, like those in Kenya, have no access to the premium subscription tier, yet, have available to them. Such users can continue using 2FA, just not the text-based one, which is likely to be a lot more common among Twitter users.
Twitter users can turn to third-party authentication apps such as Google Authenticator, Microsoft Authenticator and others to get verification codes every time they attempt to sign on to the platform on the web or through mobile apps.
There is also an option to use physical security keys such as YubiKey but those have a barrier for entry: for Kenyans, they are hard to come by (many a time, you’ll have to import) and they cost money while the apps like the aforementioned from Google and Microsoft don’t cost anything. So, two-factor hardware tokens like YubiKey and others may not really be the solution that many Kenyans will turn to for their security.
Failure to set up an alternative two-factor authentication channel, for those that have 2FA turned on on their Twitter accounts, by March 20th (i.e. in 30 days) will have the option turned off/disabled automatically by Twitter.
While Twitter cites misuse of the text 2FA, the company has increasingly been pulling features that have been free for years and putting them behind a paywall, probably as part of its monetization strategy. Recently, the platform has disabled access to its APIs by developers before shortly offering it at a fee and with limited access.
On the consumer-facing front, Twitter Blue subscribers have been receiving several new features, the latest being the ability to write longer tweets (up to 4,000 characters, up from the standard 280).
Additionally, Twitter Blue subscribers get a blue checkmark verification, access to a reader mode that allows them to read tweet threads without all the clutter, they can sort their bookmarked tweets using folders, can edit tweets, they get to upload 1080p videos and, access to upcoming new Twitter features under the Twitter Blue Labs. Soon, they will be prioritized in searches, mentions and replies as new Twitter owner Elon Musk escalates the fight against spam, bots and scams on the platform. Also marked as “coming soon” is the ability to post longer videos (up to an hour) and see at least 50% fewer ads than non-verified users.
A Twitter Blue subscription costs US$8 but, iOS users who opt to subscribe via the Apple App Store/in-app pay US$11 since Twitter slaps the 30% it is supposed to pay Apple for using its platform on top of the user fee instead of absorbing the cost.
Other than being able to meet the cost associated with the subscription either yearly or monthly, for one to subscribe to Twitter Blue they need to have a phone number associated with their account and for their Twitter account to have been active for at least 3 months (90 days). They also need to be in any of the following countries where Twitter Blue is currently available: the US, Canada, Australia, New Zealand, Japan, the UK, Saudi Arabia, France, Germany, Italy, Portugal, Spain, India, Indonesia, and Brazil.
