Twitter is removing text-message two-factor authentication (2FA) for non-subscribers.
By double-checking the identity of the person logging in, 2FA lets users to add an extra layer of security to their online accounts, beyond passwords.
Common methods include texting users a code or using an authenticator app.
But on Saturday, the Twitter Support account tweeted only Twitter Blue subscribers would be able to use text-message authentication from 20 March.
Some text-message 2FA users also received an in-app alert telling them to remove the method before the deadline to avoid losing access to their account.
Twitter owner and chief executive Elon Musk tweeted its authenticator app, which would remain free, was more secure.
Twitter had been “scammed” by phone companies and was paying more than $60m (£49m) a year for “fake 2FA SMS messages”, he told a critic of the move.