02/21/2023

Account Takeover

How to protect yourself from Twitter’s two-factor authentication crackdown

The latest bizarre move of Elon Musk's Twitter ownership weakens the security of millions of accounts. On Feb. 17, Twitter announced plans to stop people using SMS-based two-factor authentication to secure their accounts—unless they start paying for a Twitter Blue subscription. However, there are more secure, free and easier ways to continue protecting your Twitter account with two-factor authentication.

Two-factor authentication, also known as 2FA or multi-factor authentication, is one of the most effective ways to protect your online accounts from being hacked. When logging in to a website, app or service, 2FA requires you to sign in using your username and password, then verify that the login is authentic using another piece of information. Most commonly, this involves entering a temporary code that is generated or sent to you in real time.

This second piece of information helps to prove that the person logging in is actually you. While billions of passwords have been compromised online, the 2FA code is often delivered to or created by the device that is in your pocket. Having any kind of two-factor authentication turned on is better than none. However, it isn't entirely foolproof. For years, security researchers have warned that SMS-based two-factor authentication isn't as secure as other 2FA options.

Please select this link to read the complete article from WIRED.