I would love to delete my account, but my understanding is that the @rationalwalk handle will then be free for someone else to claim and that could cause real damage.
I know that many people think that Twitter in particular or social media in general serves a purpose, but in my opinion the negatives far outweigh the positives even if the platforms were run well. The fact that the platform is run so poorly tilts the scales even further against using it.
Two-factor authentication remains available to everyone and is not being eliminated for free users. I verified my free account using the free Google Authenticator app. I've been using that for a couple of years on Twitter. What *is* being removed is the text message/SMS method of two-factor authentication. I don't think that is a big deal.
Of the Twitter users who use two factor authentication, nearly 75% of them use SMS as the method. It is the predominant method used for two factor authentication and eliminating it can do nothing but degrade security on the site.
Through this move and many others, Twitter prior to Elon and Twitter under Elon has demonstrated contempt for users that has driven accounts like mine that had been active on the platform for over a decade to abandon it. The straw that broke the camel's back was their refusal to suspend an account that blatantly imitated The Rational Walk by adopting my logo, images, and profile text and has been sending DMs to my followers.
Thanks! I'm surprised to see that so many people still use SMS for this. It could also be explained by the fact that after verifying your account, you don't really need to use 2FA again on your device if you stay logged in and don't update certain info in your profile.
The real shocker for me is that according to that page, 2FA usage on Twitter is only 2.6%!
I do think that asking people to download the free Google Authenticator app for 2FA is reasonable though. So many sites I use require Google Authenticator now. SMS seems to be getting phased out at many places due to security concerns. What I don't like about Twitter's decision is that they continue to allow Twitter Blue users to use SMS for 2FA. That doesn't make sense if the objective is to phase out an unsafe method of 2FA.
Fully agree with you about the lack of action on Twitter's end regarding fake accounts. It already was an issue years ago and is an even bigger problem today.
I'm a pretty big fan of Twitter and find it indispensable to connect with other investors and to find information about stocks, even obscure ones. It has become so much easier to discuss ideas compared to using message boards, blog comments, etc., back in the day. If Elon forces me to pay something to use it in the future, I'll probably groan and cough up the money. For me the positives still vastly outweigh the negatives.
Just noting that the first sentence of Paul's original comment is still valid and might yet merit a more full response?
As of this writing, this post still notes, incorrectly I believe, that "Unfortunately, Twitter recently moved even further in the wrong direction by eliminating the ability of free users to secure their accounts with two-factor authentication."
Perhaps that could be subtly updated to a phrasing more like "by eliminating the ability of free users to secure their accounts with the most commonly-used and straightforward form of two-factor authentication"? (Or something similar, like "the most commonly used and easiest to set up form of two-factor authentication"?)
We both heartily agree this is a step backwards: a move in the wrong direction. But Twitter hasn't (at least yet) fully eliminated the ability to use 2FA by its free users. Instead, they've made doing that more complicated and onerous, which could result in some people currently using SMS/text-based 2FA going without that protection altogether, while discouraging others from setting it up for the first time.
I don’t like to change posts after they are published but agree it’s true that the 25% of free Twitter users using 2FA via methods other than SMS apparently can continue doing so for now. I stand by the overall point I made which questioned why Twitter would charge anything for making the platform more secure and trustworthy. Not to mention the criticism over their unwillingness to deal with imposters.
Thanks. And understood re not wanting to change posts after publication.
Regarding imposters, it sucks that Twitter was so unresponsive to that flagrant imitator of yours. (Hoping they've finally been suspended.)
It was sobering to learn recently that even LinkedIn has been experiencing a rash of fake accounts there. (Some of these could potentially be imitators, while many are apparently outright "fake people.")
There are a variety of reasons scammers might set those up. Generating leads – sometimes by third-parties working on behalf of reputable firms unaware of their activities – is apparently one of those reasons:
IDK if LinkedIn has been more diligent in trying to identify and remove those than has Twitter. But my sense is that the lack of trust that engenders is a Big Deal to LinkedIn, and they've been actively working to do so. (They claim their automated tools have caught over 95% of fake account setup attempts, for instance.)
I haven’t logged into Twitter since the fall. Because I’m not monitoring or active, I just deactivated my account. Data point of one.
I would love to delete my account, but my understanding is that the @rationalwalk handle will then be free for someone else to claim and that could cause real damage.
I know that many people think that Twitter in particular or social media in general serves a purpose, but in my opinion the negatives far outweigh the positives even if the platforms were run well. The fact that the platform is run so poorly tilts the scales even further against using it.
I understand. I read your whole piece. My account was just some socializing and news finding.
Two-factor authentication remains available to everyone and is not being eliminated for free users. I verified my free account using the free Google Authenticator app. I've been using that for a couple of years on Twitter. What *is* being removed is the text message/SMS method of two-factor authentication. I don't think that is a big deal.
It is a very big deal.
Of the Twitter users who use two factor authentication, nearly 75% of them use SMS as the method. It is the predominant method used for two factor authentication and eliminating it can do nothing but degrade security on the site.
Through this move and many others, Twitter prior to Elon and Twitter under Elon has demonstrated contempt for users that has driven accounts like mine that had been active on the platform for over a decade to abandon it. The straw that broke the camel's back was their refusal to suspend an account that blatantly imitated The Rational Walk by adopting my logo, images, and profile text and has been sending DMs to my followers.
Source: https://transparency.twitter.com/en/reports/account-security.html#2021-jul-dec
Thanks! I'm surprised to see that so many people still use SMS for this. It could also be explained by the fact that after verifying your account, you don't really need to use 2FA again on your device if you stay logged in and don't update certain info in your profile.
The real shocker for me is that according to that page, 2FA usage on Twitter is only 2.6%!
I do think that asking people to download the free Google Authenticator app for 2FA is reasonable though. So many sites I use require Google Authenticator now. SMS seems to be getting phased out at many places due to security concerns. What I don't like about Twitter's decision is that they continue to allow Twitter Blue users to use SMS for 2FA. That doesn't make sense if the objective is to phase out an unsafe method of 2FA.
Fully agree with you about the lack of action on Twitter's end regarding fake accounts. It already was an issue years ago and is an even bigger problem today.
I'm a pretty big fan of Twitter and find it indispensable to connect with other investors and to find information about stocks, even obscure ones. It has become so much easier to discuss ideas compared to using message boards, blog comments, etc., back in the day. If Elon forces me to pay something to use it in the future, I'll probably groan and cough up the money. For me the positives still vastly outweigh the negatives.
Just noting that the first sentence of Paul's original comment is still valid and might yet merit a more full response?
As of this writing, this post still notes, incorrectly I believe, that "Unfortunately, Twitter recently moved even further in the wrong direction by eliminating the ability of free users to secure their accounts with two-factor authentication."
Perhaps that could be subtly updated to a phrasing more like "by eliminating the ability of free users to secure their accounts with the most commonly-used and straightforward form of two-factor authentication"? (Or something similar, like "the most commonly used and easiest to set up form of two-factor authentication"?)
We both heartily agree this is a step backwards: a move in the wrong direction. But Twitter hasn't (at least yet) fully eliminated the ability to use 2FA by its free users. Instead, they've made doing that more complicated and onerous, which could result in some people currently using SMS/text-based 2FA going without that protection altogether, while discouraging others from setting it up for the first time.
I don’t like to change posts after they are published but agree it’s true that the 25% of free Twitter users using 2FA via methods other than SMS apparently can continue doing so for now. I stand by the overall point I made which questioned why Twitter would charge anything for making the platform more secure and trustworthy. Not to mention the criticism over their unwillingness to deal with imposters.
Thanks. And understood re not wanting to change posts after publication.
Regarding imposters, it sucks that Twitter was so unresponsive to that flagrant imitator of yours. (Hoping they've finally been suspended.)
It was sobering to learn recently that even LinkedIn has been experiencing a rash of fake accounts there. (Some of these could potentially be imitators, while many are apparently outright "fake people.")
There are a variety of reasons scammers might set those up. Generating leads – sometimes by third-parties working on behalf of reputable firms unaware of their activities – is apparently one of those reasons:
https://www.npr.org/2022/03/27/1088140809/fake-linkedin-profiles
IDK if LinkedIn has been more diligent in trying to identify and remove those than has Twitter. But my sense is that the lack of trust that engenders is a Big Deal to LinkedIn, and they've been actively working to do so. (They claim their automated tools have caught over 95% of fake account setup attempts, for instance.)
https://www.cnbc.com/2022/12/10/not-just-twitter-linkedin-has-fake-account-problem-its-trying-to-fix.html