Essential security measures behind a paywall? Multi-factor authentication (MFA) is one of the most useful and widely recommended safety features that most websites offer, and offer for free. Twitter is now removing SMS-based authentication for non-Twitter Blue users, effectively taking away a security feature users have had access to for years, with no clear benefit to anyone except the company.
The alternatives currently visible in account settings are:
Authenticator App
Using any popular authenticator app such as Google Authenticator, Microsoft Authenticator, or Duo. These apps can be linked to your Google or Microsoft account and sync across devices. Even if you lose access to your SIM, as long as you have an internet connection, you'll either receive a prompt on the app to approve or deny the authentication request, or generate a time-based code to input at login.
Security Key
A physical device you insert into the device you're trying to log into, or that uses NFC to communicate with any NFC-enabled device. These require no power, working the same way your NFC-enabled bank card would.
Either option is an excellent addition to your existing security measures. This is a good moment to go through all your online accounts and check for MFA features, you'd be surprised how many have this option quietly tucked away in the security settings.
Originally published on LinkedIn.