Twitter is ending support for its SMS-based two-factor authentication (2FA) method, which it considers to be the least secure form of authentication. The move is expected to make those who currently rely on SMS for 2FA less secure, as they will be required to switch to other forms of authentication before the deadline or pay a fee for Twitter Blue. The announcement is not surprising, given the security issues associated with SMS 2FA. Cybercriminals have been known to use social engineering tactics to trick mobile carriers into reassigning phone numbers to their own devices, intercepting text messages and access codes in the process. Despite the change, users can still enable 2FA for free using an authenticator app like Google Authenticator or Authy, or use a security key at an additional cost.