He’s treating user security like a marketing tactic https://www.wired.com/story/twitter-sms-2fa-twitter-blue/