Following two weeks of extreme chaos at Twitter, customers are becoming a member of and fleeing the positioning in droves. More quietly, many are doubtless scrutinizing their accounts, checking their safety settings, and downloading their knowledge. But some customers are reporting issues after they try and generate two-factor authentication codes over SMS: Either the texts do not come or they’re delayed by hours.

The glitchy SMS two-factor codes imply that customers may get locked out of their accounts and lose management of them. They may additionally discover themselves unable to make adjustments to their safety settings or obtain their knowledge utilizing Twitter’s access feature. The scenario additionally gives an early trace that troubles inside Twitter’s infrastructure are effervescent to the floor.

Not all customers are having issues receiving SMS authentication codes, and those that depend on an authenticator app or bodily authentication token to safe their Twitter account could not have motive to check the mechanism. But customers have been self-reporting points on Twitter because the weekend, and WIRED confirmed that on no less than some accounts, authentication texts are hours delayed or not coming in any respect. The meltdown comes lower than two weeks after Twiter laid off about half of its workers, roughly 3,700 individuals. Since then, engineers, operations specialists, IT workers, and safety groups have been stretched skinny trying to adapt Twitter’s choices and construct new options per new proprietor Elon Musk’s agenda.

Reports point out that the corporate could have laid off too many workers too shortly and that it has been trying to rent again some employees. Meanwhile, Musk has mentioned publicly that he’s directing workers to disable some parts of the platform. “Part of today will be turning off the ‘microservices’ bloatware,” he tweeted this morning. “Less than 20 percent are actually needed for Twitter to work!”

Twitter’s communications division, which reportedly no longer exists, didn’t return WIRED’s request for remark about issues with SMS two-factor authentication codes. Musk didn’t reply to a tweet requesting remark.

“Temporary outage of multifactor authentication could have the effect of locking people out of their accounts. But the even more concerning worry is that it will encourage users to just disable multifactor authentication altogether, which makes them less safe,” says Kenneth White, codirector of the Open Crypto Audit Project and a longtime safety engineer. “It’s hard to say exactly what caused the issue that so many people are reporting, but it certainly could result from large-scale changes to the web services that have been announced.”

SMS texts are not the most secure way to receive authentication codes, but many people rely on the mechanism, and security researchers agree that it’s better than nothing. As a result, even intermittent or sporadic outages are problematic for users and could put them at risk.

Twitter’s SMS authentication code delivery system has repeatedly had stability issues over the years. In August 2020, for example, Twitter Support tweeted, “We’re looking into account verification codes not being delivered via SMS text or phone call. Sorry for the inconvenience, and we’ll keep you updated as we continue our work to fix this.” Three days later, the corporate added, “We have more work to do with fixing verification code delivery, but we’re making progress. We’re sorry for the frustration this has caused and appreciate your patience while we keep working on this. We hope to have it sorted soon for those of you who aren’t receiving a code.”