Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


geoffwnz

1318 posts

Uber Geek

ID Verified

#303565 19-Feb-2023 14:12
Send private message

Anyone else noticed or been "warned" that if they don't either disable 2FA or purchase "Twitter Blue" they cannot have Twitter text 2FA?

 

 

 

Seems a bit of a great way to kill the app by forcing people to buy basic security.





Filter this topic showing only the reply marked as answer Create new topic
sdavisnz
995 posts

Ultimate Geek

Trusted

  #3039025 19-Feb-2023 14:14
Send private message

Hes only paywalling 2fa over SMS, you are free to use other types of 2fa that does cost twitter alot of money like sms.





Voice gives context

 
 
 

You will find anything you want at MightyApe (affiliate link).
geoffwnz

1318 posts

Uber Geek

ID Verified

  #3039026 19-Feb-2023 14:16
Send private message

sdavisnz:

 

Hes only paywalling 2fa over SMS, you are free to use other types of 2fa that does cost twitter alot of money like sms.

 

 

Yep, further digging into the security settings I managed to discover this just now.  Certainly was not clear from the "warning" which I feel was carefully worded to point people towards paying rather than switching to a different 2FA method.





boosacnoodle
742 posts

Ultimate Geek


  #3039080 19-Feb-2023 17:46
Send private message

SMS typically costs money to send, or receive (as the case may be in USA). So I’d just put it down to Elon cost cutting.




Lias
5402 posts

Uber Geek

ID Verified
Trusted
Lifetime subscriber

  #3039136 19-Feb-2023 21:34
Send private message

Never mind that SMS 2FA is widely considered insecure and should be banned.





I'm a geek, a gamer, a dad and an IT Professional. I have a full rack home lab, size 15 feet, an epic beard and Asperger's. I'm a bit of a Cypherpunk, who believes information wants to be free and the Net interprets censorship as damage and routes around it.


michaelmurfy
meow
12655 posts

Uber Geek

Moderator
ID Verified
Trusted
Lifetime subscriber

  #3039139 19-Feb-2023 21:48
Send private message

Lias:

 

Never mind that SMS 2FA is widely considered insecure and should be banned.

 

While I agree with you it is also a double edged sword.

 

Lets say somebody on Twitter has the password "Password1!" which has been seen by Pwned Passwords 7960 times before and is often the 2nd or 3rd password tried on any password list an attacker still wouldn't be able to access a users account due to a 2FA method enabled.

 

Now, if that same user didn't have SMS based 2FA enabled? The attacker will be straight in.

 

SMS based 2FA while insecure and unreliable is still seen as a "better than nothing" method. Sure, there are potential ways around it but for a standard script kiddie brute-forcing somebody with commonly used passwords it has already protected the account from compromise.

 

Now, considering the message is not actually that clear in what to do next (apart from paying them) and doesn't even suggest diving into your settings to enable app-based 2FA my worry is it is suddenly going to open up a bunch of accounts all because Elon wants to cut costs. People don't know about alternative methods and I've already had to teach 4 people how to use Microsoft Authenticator as it is an easy to explain app.

 

This is why SMS based 2FA still has its place. Most people don't know better but are slowly adapting. This is also why banks still use it also (along with other methods like banking app push notifications).





Michael Murphy | https://murfy.nz
Referral Links: Octopus Energy ($50 Credit) | Tesla | Quic Broadband (use R122101E7CV7Q for free setup)

Are you happy with what you get from Geekzone? Please consider supporting us by subscribing.
Opinions are my own and not the views of my employer.


Filter this topic showing only the reply marked as answer Create new topic





News and reviews »

One New Zealand Extends 3G Switch-off Date
Posted 11-Apr-2024 08:56


Amazon Echo Hub Review
Posted 10-Apr-2024 18:57


Epson Launches New Versatile A4 Desktop Scanners
Posted 10-Apr-2024 15:31


Motorola Mobility Launches New Android Phones in New Zealand
Posted 10-Apr-2024 14:59


Logitech G Unveils the PRO X 60 Gaming Keyboard
Posted 9-Apr-2024 19:01


Logitech Unveils Signature Slim Keyboard and Combo
Posted 9-Apr-2024 13:33


ExpressVPN Launches Aircove Go Portable Router With Built-in VPN
Posted 26-Mar-2024 21:25


Shure MoveMic Review
Posted 25-Mar-2024 12:47


reMarkable 2 Launches at JB Hi-Fi New Zealand
Posted 20-Mar-2024 08:36


Samsung Galaxy S24 Ultra review
Posted 19-Mar-2024 11:37


Google Nest Wifi Pro Review
Posted 16-Mar-2024 11:28


Samsung Galaxy A55 5G and Galaxy A35 5G
Posted 12-Mar-2024 12:41


Cricut EasyPress Mini Zen Blue launches at Spotlight New Zealand
Posted 12-Mar-2024 12:32


Logitech Introduces MX Brio Webcam
Posted 12-Mar-2024 12:24


HP Unveils Broadest Consumer Portfolio of AI-Enhanced Laptops
Posted 3-Mar-2024 18:09









Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.







Backblaze unlimited backup