If you’ve been following the Twitter saga closely, then you will know that today, March 20, is the date the social media giant is disabling its two-factor authentication (2FA) via SMS feature for those without a subscription to Twitter Blue.
This is bad enough for individual users, but for businesses the danger is even more pronounced, as it allows for threat actors to breach and gain access to enterprise accounts with only the firm’s login credentials and allowing them to besmirch the reputation of the brand by making malicious tweets or impersonating the brand in acts of identity theft.
Yesterday was the deadline for switching to a different authentication methods for 2FA, such as using an authenticator app to generate your authentication codes instead of a text message. If you failed to change in time, then 2FA will be gone forever now unless you sign up and pay for Twitter Blue. But don’t worry, as there are still ways to keep your free Twitter account secure.
Twitter blues
First of all, it is worth mentioned that SMS authentication is considered one for the least secure methods for authentication. SMS texts can be much more easily intercepted by threat actors in acts of Sim swapping, where the criminals have your phone number in their own device to see every message you receive.
Even without any form of 2FA or multifactor authentication (MFA) in place, you can still improve your security posture in other ways. Having a strong password is a must – one that avoid obvious phrases such as ‘password1234’ and the like. You’d be surprised how many prominent businesses still use these.
What puts people and business off creating strong passwords, however, is that their complexity makes them hard to remember, especially if you adhere to the other recommended practice of creating a unique password for every account you have.
This is where password managers come in. They take care of creating and storing your strong passwords for you, so there’s no need to commit them to memory. Enterprises will want to take advantage of the features offered by the best business password managers, as these allow for multiple users to safely and securely store and use all the passwords used by your organization.
Good password managers will also let you know if your credentials have been leaked in any data breach, so if Twitter were to succumb to an attack, then is should let you know and give you the chance to change your password immediately. Although an organization as big as Twitter should let users know directly if they’ve been affected by a breach. Under Elon Musk’s tenure, however, anything is possible it seems.
