@LapierreDigital @ploberman From the reports of social engineering a Twitter admin, they could likely reset the password, generate a one-time 2fa code (or disable it) and gain access that way.

All of our personal practices mean nothing if the company has a crack in the armor.