Twitter users who secure their accounts using text message will lose the extra layer of security after March 20 unless they change their two-factor authentication method or pay for the platform's subscription service.
Two-factor authentication allows people to protect their accounts even if someone has stolen their password. Twitter users who have this security process enabled are able to log into their account after they enter their password and a code they receive through a text message or an authenticator app. They can also use a security key.
The company said in a blog post it is no longer allowing "accounts to enroll in the text message/SMS method of 2FA unless they are Twitter Blue subscribers."
"To be clear, two-factor authentication is still not required to log into Twitter, although we highly encourage users to enable it. This change just restricts the 2FA methods available for accounts not subscribed to Twitter Blue," Twitter Support tweeted Friday. Twitter Blue, the platform's subscription service, costs $8 per month if you subscribe through the web or $11 a month on a mobile device.
Twitter users can change their two-factor authentication app through their account settings. Once users click "security and account access," there are three options listed in a section for 2FA.
Twitter's announcement came hours after Platformer's Zoë Schiffer tweeted that the social network planned to make this change. It's another example of how Twitter is trying to entice more users to subscribe to Twitter Blue as advertisers pull back spending after billionaire Elon Musk's $44 billion takeover of the company last year. The Information reported earlier this month that Twitter has roughly 180,000 subscribers in the US, meaning that the service doesn't seem to be particularly popular among the platform's users. The company has tried to get more people to subscribe by offering a coveted blue checkmark, longer tweets and other features.
The change also comes as Twitter faces more scrutiny and whistleblower complaints regarding account security. Last year, Twitter users complained that two-factor authentication wasn't working properly. The company said at the time that it was looking into instances where SMS codes weren't being delivered.
Two-factor authentication via text message, Twitter said in its new blog post, has been "used -- and abused -- by bad actors." Hackers have tried to access codes sent through text message by transferring a person's phone number to another device in what is known as SIM swapping.
Twitter users who disable text message 2FA will not automatically have their phone number disassociated from their account but can update their number in the account's settings, the company said.