As Twitter forces users to remove text message 2FA, it’s in danger of decreasing security