Twitter security: Changes part of larger trend, expert says

BUSINESS

'We will see more of this,' tech expert says, as Twitter prepares to disable security feature for some users

Published Sunday, February 19, 2023 2:54PM EST Last Updated Sunday, February 19, 2023 2:54PM EST

Text:

On Saturday, Twitter users were alerted that the social media app will be disabling a major security feature for those who do not subscribe to Twitter Blue by March 19. The platform鈥檚 new premium service comes with a price tag of US$8 per month, and allows users to pay for verification.

But one cybersecurity expert said he thinks this initiative is part of a larger push to change how digital accounts are protected.

鈥淲hat they are removing is the SMS or text-based authentication,鈥� Ritesh Kotak, a tech and cybersecurity expert, told 麻豆影视 Channel on Sunday, referring to the one-time codes users receive via text message to access accounts. 鈥淲hat they鈥檙e really promoting here is using authentication apps or security keys.鈥�

Kotak said other mobile verification programs are generally more secure than SMS-based two-factor authentication.

The other component behind Twitter鈥檚 decision to abandon two-factor authentication via text, he said, 鈥渃omes down to dollars and cents.

鈥淓very time that code gets sent via text message, Twitter actually ends up getting charged,鈥� he explained. 鈥淓lon Musk and Twitter are claiming there鈥檚 actually fraud involved in that, where Twitter has lost about $60 million. So it鈥檚 two-fold.鈥�

But will these changes make users more vulnerable? The answer, Kotak said, is yes.

鈥淲here this becomes problematic is if you鈥檙e reusing passwords or if there鈥檚 a breach, there鈥檚 that level of protection that comes with two-factor [authentication which] won鈥檛 be there,鈥� Kotak said. 鈥淧ost-March 19, there are going to be individuals and accounts that are going to get hacked.鈥�

But properly securing digital accounts goes beyond just using the two-factor authentication feature, Kotak said, which may already expose users to security risks.

鈥淭here has been a huge push within the tech industry to move away from text-based SMS verification,鈥� he said. 鈥淭he reason for that is there are vulnerabilities, SIM swapping being one of them, numbers could be forwarded. It鈥檚 not 100 per cent secure. These authentication apps and security keys are much more secure.鈥�

Kotak said the tech industry is moving towards what鈥檚 called a 鈥減asswordless world,鈥� where authenticator apps will replace the need to remember numerous passwords.

鈥淎 lot of tech companies, Microsoft included, have been pushing the fact that they want you to use authentication apps, not SMS. It鈥檚 economical for them. But it鈥檚 also more secure for the user,鈥� he explained.

The best security measure, Kotak added, is to not reuse passwords. He also recommended enabling authentication apps such as Google Authenticator or Microsoft Authenticator.

In terms of future shifts in digital security measures, Kotak warns that this is just the start.

鈥淲e will see more of this,鈥� he said.

RELATED IMAGES

view larger image

The Twitter splash page is seen on a digital device, Monday, April 25, 2022, in San Diego. Twitter users were greeted early Saturday, Feb. 18, 2023 with an ultimatum from the social media app: Subscribe to the platform's new premium service or lose a popular account security feature. A pop-up message warned users they will lose the ability to secure access to their account via text message two-factor authentication unless they pay $8 a month to subscribe to Twitter Blue. (AP Photo/Gregory Bull, File)