Twitter says 2FA still works, but it’s looking into a ‘few cases’ where it didn’t

Twitter has confirmed that two-factor authentication is still up and running on the service, despite concerns that it had inadvertently been shut down or broken. A tweet from Twitter Support says the company is “looking into the few cases where SMS codes aren’t being delivered,” but it doesn’t give much indication of how many people were affected.

On Monday, a few tweets went viral on the platform featuring screenshots of error codes about how SMS codes couldn’t be sent, with some users linking the issues to CEO Elon Musk saying that the platform would be shutting down unnecessary parts of Twitter’s infrastructure. However, our tests showed that the service wasn’t completely broken, and when we put out a public call asking people if they’d been locked out, we only received a handful of replies. Most talked about how they weren’t able to pass the 2FA check required to request an archive of your Twitter data.

While Twitter’s official word on two-factor authentication may reassure some people who are worried about not being able to log back into their accounts, I’m personally still finding it hard to fully trust the platform to remain stable at this point. Several engineers at the company have accused Musk of not understanding the technical changes he wants to make at the company, and they’ve reportedly been fired for doing so, even if they raised their concerns in private. Twitter’s also gotten rid of or lost about half its staff, thousands of contractors, and executives in charge of things like information security and trust and safety.

While the tweets accusing Twitter of deleting the two-factor authentication microservice don’t appear to have been accurate, I feel like we could very well see some game-breaking bugs pop up in the not-so-distant future if the company keeps heading in this direction.