LOS ANGELES — Twitter users were greeted early Saturday with an ultimatum from the social media app: Subscribe to the platform’s new premium service or lose a popular account security feature.
A pop-up message warned users that unless they pay $8 a month to subscribe to Twitter Blue, they will lose the ability to secure their accounts through two-factor authentication of text messages.
The message said that starting March 19, users who do not have a subscription will be locked out of their accounts until they remove the security feature.
Here are some questions and answers about why Twitter made this change and other ways to keep your account secure:
What is two factor authentication?
Two-factor authentication adds a second layer of security to password-protected accounts by having users enter an auto-generated code to log in.
This extra step helps protect online accounts because in addition to the password, you need access to a specific app, device or phone number where you can get the code.
Apps such as Microsoft Authenticator or Google Authenticator can generate such codes. Or they can be sent to a user’s smartphone via text message.
Text message-based two-factor authentication is now being restricted by Twitter to Twitter Blue subscribers only.
Why is Twitter doing this?
In a blog post on Wednesday, the San Francisco-based company acknowledged that the text-message-based security method has historically been popular with users, but said the feature “is being used — and abused — by bad actors.”
The company did not respond early Saturday to an email seeking more details on how the security method was being abused.
Elon Musk, who completed his $44 billion takeover of Twitter in October, is trying to find a way to maximize the company’s profits.
One of those is Twitter Blue, which, among other features, allows anyone to pay for verification previously reserved for celebrities, journalists and other well-known people.
In its blog, Twitter encouraged users who are not going to subscribe to Twitter Blue to consider using other account security options, especially an authentication app or security key.
These methods require you to have physical possession of the authentication method and are a good way to ensure that your account is secure.
What are the other options to secure my Twitter account?
An authenticator app or security key will add a layer of account security beyond a single password.
A security key is a small portable device that generates a series of random numbers that you enter when prompted when logging into an online account.
An authentication app uses the same approach, but instead of a separate physical device, the app is on your phone.
To set up an authentication app to secure your Twitter account, you’ll need to download one of several available applications to your device. They are free in the Apple or Android app stores. If you prefer not to use Google or Microsoft Authenticator, there are other options, including Authy, Duo Mobile and 1Password.
Once you have the app, open the desktop version of Twitter and click on the icon that shows ellipses in a circle. Here, you will find “Settings and privacy” then “Security and account access” and finally, “Security.” Here, you can select “Authentication app” and follow the instructions to set it up. Twitter will ask you to share your email address to do this, if you don’t already have it.
When you’re ready, you can use the auto-generated numeric codes from your authenticator app to add an extra layer of security when logging into Twitter.
More Must Read From TIME