Social media giant Twitter has big plans in March, as it announced it will disable SMS-based two-factor authentication unless users subscribe to the platform’s premium subscription service, Twitter Blue.
Facebook and Instagram have followed suit, with Meta announcing a similar paid verification service that will also include monitoring for impersonation of users. The paid verification subscription called Meta Verified will enable users on both platforms to submit their government-issued ID that needs to match their profile photo and name.
Twitter is determined to cut any form of text message 2FA from non-paying users by March 20. While the decision is based on the social media’s struggle with spam, hijacked accounts and impersonation attempts, new owner Elon Musk has also confirmed that this new policy will save the platform millions by cutting down on telco charges for spam SMS messages.
The restriction of SMS 2FA strictly to paid accounts means that all non-Twitter Blue subscribers who don’t make the switch before the deadline will have the security feature disabled.
This brings several security risks into play. Social media accounts are highly desired commodities in underground forums, and cybercriminals may exploit users’ negligence.
Those who refrain from tweaking their security settings and choosing a different authentication method could become the target of credential stuffing attacks fueled by the massive leak of 200 million Twitter accounts.
Users who decide to turn 2FA off completely and practice poor password management will give malicious actors a foothold into their digital accounts and lives, making hacking or phishing more dangerous than ever.
Meta’s verified service on the other hand clearly states that once users go through the verification process, they won’t be able to change any details on their profile without repeating the process again. This includes name, username, date of birth and even their profile photo.
Although this policy may not be carved in stone, the process may prove challenging for the majority of users, including victims of cyberbullying and cyberstalking. Mandatory authentication via a government ID may also bring additional privacy and security issues for users.
Meta’s platforms are no strangers to data breaches and leaks, and storing such sensitive information could prove devastating for users. And there’s more. Scammers could easily exploit this new policy, posing as Facebook or Instagram employees, and requiring ‘verified’ subscribers to either pay additional fees or submit their information via fake forms.
If you’re not fond of SMS two-factor authentication as a premium paid service, don’t worry - you can still add an extra layer of security to your social media accounts by switching to an authenticator app instead.
To set 2FA authentication via an Authentication app, you’ll first need to install one on your phone. Then, access your Twitter account and head to Security and account access from your Settings menu, and select the Authentication app in the Two-factor authentication settings.
Using an authentication app instead of SMS to log in to your social media account will undoubtedly boost your security and privacy in case your phone number is compromised. Just remember that, if you misplace or lose your device, you’ll need to save and securely store your backup codes so you don’t get locked out of your Twitter account.
Bitdefender Password Manager can help you overcome any obstacles by safely storing your passwords and any other sensitive information, including backup codes that will allow you to access your social media account.
Sticking to good cyber hygiene can help you beat all kinds of malicious individuals and social media threats:
· Use your privacy settings – frequently review privacy and security settings on all of your social media platforms to manage who can see, react or comment on the content you share
· Leave a positive digital footprint – protect your online reputation and help ensure success in your career or education, think twice before posting distasteful material
· Stop oversharing - protect your privacy by limiting the amount of information you share on social media. Scammers can use publicly available info such as phone numbers, email addresses and date of birth, to target you. The more information you post, the easier it becomes for malicious individuals to harm you
· Use strong passwords and use a two-factor authentication method – use unique passwords and never use personal identifiers when setting it up. You can opt for a dedicated password manager to help you create and store passwords that meet the highest security standards.
· Use a security solution on your device – a security solution can protect against malicious attacks and block phishing and scams that target you or your data on all major social media platforms and beyond
· Use reporting tools – always report improper behavior, scam posts or ads , and bullies and harassment to the platform and police. Keep a copy of any threatening communication and block the malicious individual immediately
· Don’t fall for too-good-to-be-true deals and be vigilant against unsolicited messages – Any links you receive via instant messaging from strangers can be part of a phishing campaign or try to scam you
Security and privacy solutions go hand in hand when it comes to safeguarding your digital identity and safety in the age of social media, where malicious individuals can follow your every online move.
Bitdefender all-in-one plans pack our award-winning and innovative technologies that prevent and detect new and existing cyberthreats alongside a powerful VPN with unlimited traffic and a cross-platform password manager to help you secure and manage your passwords and other sensitive information.
Moreover, with Bitdefender Digital Identity you can protect your online identities and hunt down any social media impersonators who may try to ruin your reputation. The dedicated identity protection tool maps out your digital footprint, allowing you to easily manage personal data and assess personal data exposure and privacy risks, by offering a trouble-free way to understand how security breaches can individually affect you.
Social media aficionados can stay on top of data breaches and leaks with 24/7 data breach monitoring, real-time alerts for privacy threats, and even manage your privacy and ad settings on all major social platforms, including Twitter, Facebook and Instagram.