No Such Thing as Perfect Security | http://www.littlebobbycomic.com/projects/week-207/ …pic.twitter.com/TIb7l0CU7V
You can add location information to your Tweets, such as your city or precise location, from the web and via third-party applications. You always have the option to delete your Tweet location history. Learn more
I think it's debatable whether the set of password reusers who can't be phished even exists, but if we assume it does exist for the purpose of discussion, 2FA is a terrible solution to it. We have better solutions already that really work!
We have better solutions, but they required a hardware dongle and only worked in a subset of browsers. It’s not surprising “the old thing” that isn’t as good still dominates.
I’m firmly in the camp that dongles aren’t ever mainstream practical. Platform authenticators in webauthn stand to make a meaningful shift in the preferred strong auth option of choice.
I won’t argue that better solutions don’t exist! But I’d say staging and executing a password/2FA phishing attack against 1M users is a much higher bar than simply testing 1M username/password combinations.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.