One weird thing I noticed: Twitter wanted me to use an Email/SMS for two factor even though I have a registered TOTP token to log in to Twitter. I think that's been the case for awhile, not a new change, but still strange.
This is precisely how large, relatively well engineered services die if you leave them unattended for too long. The machine needs a little bit of oil every now and then and there are always new modes of failure found. Those then start to accrue to the point where they become user visible.
One weird thing I noticed: Twitter wanted me to use an Email/SMS for two factor even though I have a registered TOTP token to log in to Twitter. I think that's been the case for awhile, not a new change, but still strange.