Twitter said on Friday that it will only allow paid customers to use text messages as a two-factor authentication method to secure their accounts.
“After March 20th, only Twitter Blue subscribers will be able to use text messages as a two-factor authentication method,” the company tweeted.
Two-Factor Authentication (2FA), to make accounts more secure, requires the account holder to use an authentication method other than a password. Twitter allows 2FA via text message, app authentication, and a security key.
The company believes phone-number-based 2FA is being abused by “bad actors,” according to Wednesday’s blog post attached to the company’s tweet.
Twitter owner Elon Musk tweeted “yup” in response to a user’s tweet that the company was changing policy “because telcos used bot accounts to pump 2FA SMS,” and that the company was “on scam SMS.” was losing $60 million a year.
Blue Check Mark, previously free for verified accounts of politicians, celebrities, journalists, and other public figures, is now open to anyone willing to pay.
Last month, Twitter said it would keep the price of Twitter Blue subscriptions for Android at $11 a month, the same as for iOS subscribers.