‘We will see more of this,’ tech expert says, as Twitter prepares to disable security feature for some users

On Saturday, Twitter customers had been alerted that the social media app will likely be disabling a significant safety function for individuals who don’t subscribe to Twitter Blue by March 19. The platform’s new premium service comes with a price ticket of US$8 per 30 days, and permits customers to pay for verification.

But one cybersecurity knowledgeable mentioned he thinks this initiative is a component of a bigger push to vary how digital accounts are protected.

“What they are removing is the SMS or text-based authentication,” Ritesh Kotak, a tech and cybersecurity knowledgeable, instructed CTV News Channel on Sunday, referring to the one-time codes customers obtain through textual content message to entry accounts. “What they’re really promoting here is using authentication apps or security keys.”

Kotak mentioned different cellular verification applications are usually safer than SMS-based two-factor authentication.

The different element behind Twitter’s resolution to desert two-factor authentication through textual content, he mentioned, “comes right down to {dollars} and cents.

“Every time that code gets sent via text message, Twitter actually ends up getting charged,” he defined. “Elon Musk and Twitter are claiming there’s actually fraud involved in that, where Twitter has lost about $60 million. So it’s two-fold.”

But will these modifications make customers extra susceptible? The reply, Kotak mentioned, is sure.

“Where this becomes problematic is if you’re reusing passwords or if there’s a breach, there’s that level of protection that comes with two-factor [authentication which] won’t be there,” Kotak mentioned. “Post-March 19, there are going to be individuals and accounts that are going to get hacked.”

But correctly securing digital accounts goes past simply utilizing the two-factor authentication function, Kotak mentioned, which can already expose customers to safety dangers.

“There has been a huge push within the tech industry to move away from text-based SMS verification,” he mentioned. “The reason for that is there are vulnerabilities, SIM swapping being one of them, numbers could be forwarded. It’s not 100 per cent secure. These authentication apps and security keys are much more secure.”

Kotak mentioned the tech business is transferring in the direction of what’s referred to as a “passwordless world,” the place authenticator apps will substitute the necessity to keep in mind quite a few passwords.

“A lot of tech companies, Microsoft included, have been pushing the fact that they want you to use authentication apps, not SMS. It’s economical for them. But it’s also more secure for the user,” he defined.

The greatest safety measure, Kotak added, is to not reuse passwords. He additionally really helpful enabling authentication apps reminiscent of Google Authenticator or Microsoft Authenticator.

In phrases of future shifts in digital safety measures, Kotak warns that that is simply the beginning.

“We will see more of this,” he mentioned.