Loading

The alternative, as Musk told Twitter users, is to use an app and there’s a wide range available, with most relying on common industry standards to generate the same kind of codes as are sent via text message.

Among the most popular are Google Authenticator (which works with more than just Google services), Microsoft Authenticator, Authy, and 1Password. The latter also doubles as a password management tool, helping users to keep track of all their passwords, which should ideally be different and lengthy.

To set up these apps, users typically log in to whatever app they are trying to secure, navigate through settings to a two-factor authentication page, and then scan a QR code with their phone to link the verification app to their account. Many authentication services are free.

But while these apps are better, they are also rarely used. Twitter’s most recent data, which is from December 2021, shows that very few of its users have two-factor authentication turned on but that almost 75 per cent of that group use SMS to get verification codes.

Loading

If Twitter users with text-based authentication don’t turn it on by March 20, they will lose it altogether. RMIT professor Aisha Rao said in written comments that Twitter’s change could worsen those users’ security if they don’t realise that other methods are available.

“Social media already has a problem with cybersecurity,” Rao said. Australia’s eSafety Commissioner, Julie Inman Grant, agrees, saying security should be fundamental to social media rather than an add-on that users have to pay for.

“We know that Australians, the end-users of these platforms, want companies to do more to proactively address online safety,” Grant said. “A recent eSafety survey showed that 84 per cent of Australian adults think tech companies have a responsibility for their online safety.”

Twitter no longer has Australian media staff to answer queries.