If ever there was a surefire way to sour users against a two factor authentication system that was already highly flawed, Twitter has found it. On Tuesday, the social media site said that it used phone numbers and email addresses provided for 2FA protection to tailor ads to users. Twitter requires users to provide a valid phone number to be eligible for 2FA protection. A working cell phone number is mandatory even when users 2FA protection is based solely on security keys or authenticator apps,...

Read the full article at Arstechnica