Conversation

Notices

1. Ishtar (ishtar@catgirls.nya.gay)'s status on Sunday, 19-Feb-2023 02:53:36 JST Ishtar

   in reply to

   • Lauren Weinstein

   @lauren@mastodon.laurenweinstein.org >they are much better than nothing
   
   given the choice between having my account's authentication info sent over sms (controlled by telecom companies, analyzed for marketing, intercepted en masse by feds, vulnerable to multiple pretty easy attacks), and that not taking place, I'm picking the latter. twitter did people a favor here, and they're screwing over the ones dumb enough to pay for a blue checkmark. we should celebrate!

   • matrix07012 :thotpatrol: :cunnyEmpire: likes this.
   • Lauren Weinstein (lauren@mastodon.laurenweinstein.org)'s status on Sunday, 19-Feb-2023 02:53:37 JST Lauren Weinstein

     **** In windfall for hackers, #Twitter
     will disable 2 factor authentication by sms (text messages) if you don't pay them! ****

     Twitter has three methods of 2 factor authentication -- SMS text messages, authentication codes, and security keys. We all know that text messages are the least secure of these -- still, they are much better than nothing, and the exclusive choice of vast numbers of users of virtually all services offering 2fa.

     Now Twitter has announced that unless you pay them by joining Twitter Blue for $8 month, text message 2fa will no longer be available, and will even be switched off on existing accounts, even if no other 2fa option is currently enabled. In other words, they're saying that they will unilaterally disable 2fa on likely some vast number of user accounts -- unless you pay them.

     I have never heard of such an irresponsible and greedy scheme relating to account authentication in my life, but it is very Musk. -L

     https://blog.twitter.com/en_us/topics/product/2023/an-update-on-two-factor-authentication-using-sms-on-twitter