MartinMar 15, 2023
Everyone I know who works in security has seen Some Stuff. But I've never seen a website that told users you must remove two-factor authentication.
Show threadSimon ZerafaMar 15, 2023

@mshelton

It's costing Twitter too much to send the codes via SMS allegedly so the're turning it off.

I doubt it's saves a huge amount but it's another step to bankruptcy.

Show threadRS, Author, Novelist, ProsaistMar 15, 2023

@simonzerafa @mshelton Not wanting to be a Twitter apologist, but from https://blog.twitter.com/en_us/topics/product/2023/an-update-on-two-factor-authentication-using-sms-on-twitter:

unfortunately we have seen phone-number based 2FA be used - and abused - by bad actors.

They do state they are removing phone 2FA because it poses security issues.

Show threadQCATOPR Mar 15, 2023
@sfwrtr @simonzerafa @mshelton Don't be. This was done this way solely to shill his eight buck plan; otherwise he'd disable SMS completely and force everyone to token MFA.
Show threadRS, Author, Novelist, Prosaist
@timjclevenger @simonzerafa @mshelton This is a reasonable explanation for keeping text 2FA for T-blue. The idea that money should allow you the ability to do something otherwise considered stupid is rather an interesting tell about Twitter's management, however.
Mar 15, 2023 at 7:17pmWeb