LOS ANGELES — Twitter users were greeted early Saturday with an ultimatum from the social media app: subscribe to the platform’s new premium service or lose a popular account security feature.
A pop-up message warned users that they would lose the ability to secure their accounts via SMS two-factor authentication unless they pay $8 a month to subscribe to Twitter Blue.
The news states that starting March 19, users who don’t log in will be locked out of their accounts until they remove the security feature.
Here are some questions and answers about why Twitter made this change and alternative ways to secure your account:
What is two-factor authentication?
Two-factor authentication adds a second layer of security to password-protected accounts by requiring users to enter an automatically generated code to log in.
This extra step helps protect online accounts because, in addition to the password, you need access to a separate app, device, or phone number where you can get the code.
Such codes can be generated by apps such as Microsoft Authenticator or Google Authenticator. Or they can be sent to a user’s smartphone via SMS.
It’s the SMS-based two-factor authorization that Twitter now only restricts to Twitter Blue subscribers.
Why is Twitter doing this?
In a Wednesday blog post, the San Francisco-based company acknowledged that the text-messaging-based security method has always been popular with its users, but said the feature is “used — and abused — by bad actors.”
The company didn’t respond to an email early Saturday asking for more details about the abuse of the security method.
Elon Musk, who completed his $44 billion acquisition of Twitter in October, has been trying to find a way to maximize the company’s profits.
One of them is Twitter Blue, which, among other things, allows anyone to pay for verification, which was previously reserved for celebrities, journalists and other well-known people.
On its blog, Twitter encouraged users who will not subscribe to Twitter Blue to consider using alternative account security options, specifically an authenticator app or security key.
These methods require you to physically own the authentication method and are a good way to ensure your account is secure.
What other ways are there to secure my Twitter account?
An authenticator app or security key also adds a layer of account security beyond just a password.
A security key is a small, handheld device that generates a series of random numbers that you enter when prompted to log into an online account.
An authenticator app uses the same approach, but instead of a separate physical device, the app resides on your phone.
To set up an authenticator app to secure your Twitter account, you’ll need to download one of several available applications onto your device. They are available for free in the Apple or Android app stores. If you’d rather not use Google or Microsoft Authenticator, there are other options including Authy, Duo Mobile, and 1Password.
Once you have the app, open the desktop version of Twitter and click the icon with ellipses in a circle. There you will find “Settings and privacy”, then “Security and account access” and finally “Security”. Here you can select “Authenticator App” and follow the instructions to set it up. Twitter will prompt you to provide your email address if you have not already done so.
Once you’re done, you can use your authenticator app’s auto-generated numeric codes to add an extra layer of security when logging into Twitter.
More must-reads from TIME