Untitled attachment

Notices where this attachment appears

1. Jerry Bell :verified_paw: :donor: :verified_dragon: :rebelverified:​ (jerry@infosec.exchange)'s status on Sunday, 19-Feb-2023 12:59:01 JST Jerry Bell :verified_paw: :donor: :verified_dragon: :rebelverified:​

   I decided to cross the two incredibly annoying streams and asked chatgpt about twitter sms 2FA:

   Q: Was it a good idea for twitter to make sms two factor authentication a paid feature?

   A: Twitter's decision to make SMS-based two-factor authentication (2FA) a paid feature is a matter of debate. Twitter announced the change in 2019, stating that they were making the move to encourage users to switch to more secure methods of 2FA, such as using an authentication app.

   While SMS-based 2FA is better than no 2FA at all, it has been shown to have some vulnerabilities. For example, SMS messages can be intercepted by attackers, and SIM swapping attacks can be used to bypass SMS-based 2FA.

   By making SMS-based 2FA a paid feature, Twitter is likely hoping to encourage users to switch to more secure methods of 2FA, which will ultimately help to protect their accounts better. However, this move may also make it more difficult for some users, particularly those in developing countries, to access 2FA, which could have negative consequences.

   In general, it is recommended that users switch to more secure 2FA methods, such as an authentication app or security key, as these are generally more secure than SMS-based 2FA. However, it is important for platforms to consider the needs and limitations of all of their users, and to provide alternative, accessible 2FA methods for those who cannot afford to pay or who lack the technical expertise to use more secure methods.