Industry Insights: Preserving The Security Of Your Twitter Account Just Became An Emergency Situation
This weekend, I had my usual nightly bout of insomnia where around 2 or 3 am, I start scrolling my various newsfeeds.
However, this time when I opened my Twitter, I saw this alert:
My instant thought -- amidst the foggy head of the hour -- was that this was akin to mafia protection money.
"Oh, you want that pretty little Twitter account of yours to stay safe? Well, you better pay us..."
But under the light of day, let's examine for a moment what this is all about, what it means for those of us who refuse to give Elon a red cent, and what to do about it.
We should all be using two-factor authentication on as many of our apps as possible. This helps save us from our accounts being compromised, taken over, hijacked, or or anything of a similar ilk.
Traditionally, Twitter offers various ways of doing this, which includes text message protection (where you will be texted a code if someone tries to log into your account), as well as authentication apps and security keys.
Under the latest desperate attempt by Twitter to make money as its being run into the ground, those who do not pay for Twitter Blue will not be able to use the text message version of this, and in fact, will have their accounts locked if they are currently using this form of protection and do not disable it or start paying by next month.
Now, while Twitter may CLAIM they are doing this to protect users and the network from "bad actors," it's clear they are the actual bad actors in this incredibly dumb security decision.
So, here's what you do:
Don't disable all 2FA. That's what the bad guys want you to do. You still need protection. And while text message 2FA was protection, there's other, actually better, protection out there.
Open your Twitter settings and go to security. Uncheck text alerts if it was what you had, and go through that process to disable. But then check "authentication app"
Now, you'll need to connect to your authentication app. I love Google Authenticator, but I also use Duo and others -- you might want to do this from your desktop as the easiest way to do this setup will be via a QR code, and you can take a photo of the code on your screen with your phone in seconds.
Twitter also lets you generate and save backup codes. ABSOLUTELY DO THIS. I live in perpetual fear of my phone dying or being lost or stolen and having a devil of a time connecting to my various apps that are on 2FA (as I said, endless anxiety keeps me up at night…). But backup codes help you get back in if your other methods are not available.
All in all though, this is a shitty thing to do from a company that's gotten progressively, well, shitty…but there’s still things we can do to maintain our accounts and keep them safe. And, if we’re still using our Twitter for everything from calls for sources to connecting with editors and publicists to researching, this remains important.
That’s all for today…have a great (rest of) weekend!
Aly Walansky's Newsletter is a reader-supported publication. To receive new posts and support my work, consider becoming a free or paid subscriber.
Great tips!! Thanks for the heads up!!
Thank you for the heads up on this, Aly!