5/31/2023 0 Comments Keep it cleanThis is so much more secure as the code never leaves your device.Designed for superior defense against outdoor elements, including tracked-in mud from the trail or messes from spills, the JPP heavy-duty floor system and JPP heavy-duty vinyl seats provide the ultimate level of surface protection and functionality when deep cleaning is needed. (Many online sites, services and apps also offer app-based 2FA.) Instead of having a code sent to your phone by text message, you can generate a code through an authenticator app on your phone - like Duo, Authy or Google Authenticator to name a few. Instead of using 2FA codes sent by text message, you need app-based 2FA, which is far more secure and is as fast as receiving a text message. ![]() Regardless of whether or not you have abandoned your Twitter account in favor of alternative, decentralized services like Mastodon and others, you will still want to take action before March 20 to secure your account in the event that someone breaks in and starts tweeting on your behalf. ![]() You can still protect your account with strong 2FA without paying Elon Musk a dime. The silver lining - if we can call it that - is that Twitter isn’t scrapping 2FA altogether. In fact, companies like Mailchimp take the opposite (but correct) approach by encouraging users to switch on 2FA by discounting customers’ monthly bills. But Twitter’s new policy is not the way to encourage users to use a more secure 2FA. That all being said - and this is important - SMS 2FA still provides far greater protections for your accounts than not using 2FA at all. If anything, by encouraging paid users to rely on SMS 2FA, their Twitter accounts are more prone to takeovers if their phone number is hijacked. But making SMS 2FA available to only Twitter Blue subscribers doesn’t make paying users any more protected from SIM swap attacks. By taking control of a person’s phone number, the hacker can impersonate the victim - as well as receive text message codes that can allow the hacker access to a victim’s online accounts. This might refer to SIM swap attacks, where a hacker convinces your cell provider to assign a victim’s phone number to a device controlled by the hacker. Twitter justified the decision in its blog post, saying SMS 2FA can be abused by bad actors. We’d ask Twitter for comment, but Musk fired its entire communications team. It’s likely that the move to eliminate SMS 2FA was to save the company money, given sending text messages isn’t cheap. Since Elon Musk’s $44 billion takeover, Twitter has been hemorrhaging cash and employees. It’s not clear for what reason this new 2FA policy, first revealed by Platformer’s Zoë Schiffer and later confirmed by Twitter, was instituted. ![]() ![]() Instead, you’re looking at one of the stupidest security decisions made by a company playing out in real time. Twitter claims it is “committed to keeping people safe and secure on Twitter.” This is not true. If you have an easily guessable Twitter password or use that same password on another site or service, you should take action sooner rather than later. That means that anyone who relies on Twitter sending a text message code to their phone to log in will have their 2FA switched off, allowing anyone to access their accounts with just a password. Twitter users that don’t switch to a different type of two-factor authentication will have the feature removed from their accounts by March 20. In a blog post, Twitter said that it will only allow accounts that subscribe to its premium Twitter Blue feature to use text message-based 2FA. Late on Friday, Twitter announced a new policy that will remove text message two-factor authentication ( 2FA) from any account that won’t pay for it.
0 Comments
Leave a Reply. |