There’s a lot happening on Twitter and not all of it is good for the micro-blogging major. Here’s one development that may actually pay off for the brand that has been eyeing its verified Blue (paid) accounts as a revenue stream – after disabling it briefly with disastrous consequences.
Starting 20 March 2023, non-Blue account holders on Twitter who had two-factor authentication via text enabled, saw the security layer disabled. A 15 February announcement from the company stated that the three methods of two-factor authentication will still hold, but post 20 March, only Twitter Blue subscribers will be allowed to use the text message/SMS method. The others are an authentication app or a security key, and understandably not as popular as the simpler SMS / text.
Twitter reasoned, “While historically a popular form of 2FA, unfortunately we have seen phone-number based 2FA be used – and abused – by bad actors.”
For the uninitiated, Twitter Blue costs Rs.6,800 (Rs.566.67 per month) for the yearly plan and Rs.650 per month (Rs.7,800 per year) for the monthly plan.
“Will new 2FA policy boost adoption of Twitter Blue?” we asked. Some say that the two-factor authentication is actually being made more robust and must be welcomed.
Vulnerable to hacking and fraud
SMS and phone number-based authentication have been common methods used by many online platforms for a long time to verify user identities. However, this method has several security flaws that make it vulnerable to hacking and fraud. I believe that Twitter’s emphasis on account security is a positive move. The new 2FA policy is a great step towards improving account security. Requiring users to have a physical security key or a third-party authentication app just ends up adding an extra layer of protection to their accounts. This policy may encourage users to take their account security more seriously and become more aware of the potential risks. By pushing the users to more advanced security features, they are empowering them to take control of their online presence and protect themselves from potential threats.
– Mayank Vora, Co-founder, Logicloop
Unlikely to boost the adoption of Twitter Blue
Twitter’s recent decision to offer SMS-based 2FA exclusively to Twitter Blue users is unlikely to boost the adoption of Twitter Blue.
According to Twitter’s own Transparency Report published in July 2022, only 2.6 pc of active Twitter accounts use at least one form of 2FA. Among those who do, close to 75 pc use the SMS method. Further, within this group, some users use additional authentication methods as well (App Auth or Security Key).
It’s likely that the majority of SMS-based 2FA users already have the Twitter app and will switch to the App Auth method instead of paying for Twitter Blue. While SMS is convenient, it is not worth the annual cost of Rs 6,800 (USD 84).
Eliminating SMS-based 2FA for non-Blue users is a cost-saving measure since Twitter was estimated to be spending $60 million per year on SMS verifications.
In addition, encouraging the use of App Auth is a crucial enhancement to security since text messages can be intercepted by hackers. App Auth, on the other hand, requires physical access to a device to generate a unique code, making it more difficult for hackers to gain access.
Removing SMS-based 2FA also has the residual effect of encouraging some web users to download the App for Auth App-based 2FA.
– Vishal Rupani, Ex Co-founder & CEO, mCanvas
Not all users may see the value
It is possible that the new 2FA (Two-Factor Authentication) policy could boost adoption of Twitter Blue, but it ultimately depends on how Twitter markets and positions the feature.
Twitter Blue is a subscription-based service that offers various features such as Undo Tweet, Bookmark Folders, and Reader Mode. The new 2FA policy requires users to use a physical security key or a 2FA app to log in to their account, which provides an additional layer of security.
By making this policy a part of Twitter Blue, Twitter is likely positioning the feature as a premium security option that is only available to paying subscribers. This could incentivise users to subscribe to Twitter Blue to access the enhanced security features, especially those who are concerned about their account security.
However, it is important to note that while security is a priority for many users, not all users may see the value in paying for additional security features. Additionally, there are many free 2FA options available, so Twitter will need to effectively communicate the benefits of their 2FA policy to convince users that it is worth the investment.
– Upendran Nandakumar, Founder, Ayatiworks
May lead to moderate increase in adoption of Blue
The new 2FA policy implemented by Twitter, which restricts the use of text message/SMS-based 2FA to Twitter Blue subscribers, may lead to a moderate increase in the adoption of the Twitter Blue subscription service. Several factors may contribute to this increase in adoption.
First, users who prioritise security and are concerned about the limitations of SMS-based 2FA might be more inclined to adopt Twitter Blue for the added security benefits. In these cases, the new policy may act as an incentive for users to upgrade their accounts.
Second, the availability of text message 2FA for Twitter Blue subscribers may vary by country and carrier, as stated in the announcement. This may limit the appeal of the feature for some users, depending on their location and mobile service provider.
Additionally, Twitter is a platform used by a vast number of individuals and organisations that are concerned about their brand identity. These users, who may not have applied for Twitter Blue yet, could face a security risk on their accounts in the absence of 2FA. This concern should encourage them to opt for the Blue subscription to better protect their accounts and maintain their brand’s reputation.
The new 2FA policy might attract users who value security and brand reputation to subscribe to Twitter Blue.
– Hardik Shah, Vice President, Puretech Digital
Hacking risks outweigh subscription cost
Since there are currently other 2FA options, such as Duo and Google Authenticator, private institutions might not feel the need to use Twitter Blue, but government institutions might.
Government institutions may not be enthusiastic about the notion of utilising any third-party applications for 2FA. The other option, which involves a physical security key, might not be as popular because a dematerialised method of safety, which carries no risk of theft and requires no special handling or storage, is not only more practical but also more convenient.
The risks associated with the recent increase in Twitter handle hacking incidents outweigh the cost of Twitter Blue subscriptions.
– Somya Khera, Social media strategist, Auburn Digital Solutions
(Feedback: [email protected])
