2FA is neither necessary nor sufficient, and it's a tradeoff on risks. Very wrong for many users' threat models.
I'm thinking more about "new and different threats", not simply "not in threat model".
You can add location information to your Tweets, such as your city or precise location, from the web and via third-party applications. You always have the option to delete your Tweet location history. Learn more
I'm thinking more about "new and different threats", not simply "not in threat model".