Ultimately, it will not be so much a question of that question in that sense either. But let’s face it, with single-user authentication and authorization, this of course remains a thing. If you want to strongly suppress the possibility of this, you should ensure that an additional authorization has to take place: a stamp of approval on all actions of administrators and moderators, so that to enable a ‘hack’ like this you would have to take over two accounts.
Likewise, logging in from a new IP address should be approved by a second party to further reduce the risk.
Then you are in a situation where you may have the login details of both employees to give yourself clearance, but you still run into the limitation, for both of them, that you cannot log in until someone grants your IP address access.
The tricky thing in these matters is of course the workability of the situation. It leads to additional actions, which take time. In other words, you will need more employees to do the same job, and more employees cost more money. And companies like Twitter are not exactly known for the mega profits they make. In fact, I think Twitter only makes a net loss, if I am not mistaken?
And of course it all remains a trade-off between the complexity of your security on the one hand and the risk of its abuse on the other. Twitter has been around for many years, but the number of incidents is limited. I myself work within a sector in which a ‘check, check, double check’ culture is fairly prominent. The further you go in there, the smaller the risk of problems, certainly. But it also just takes a lot of time.
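The two controls described in the comment above (a second account must approve every privileged action, and a second party must approve every new login IP), sketched as an added example that is not part of the original comment. `AdminPanel`, the staff names and the documentation-range IP addresses are assumptions constructed for illustration.

```python
from dataclasses import dataclass, field

class Denied(Exception): pass  # a control blocked the operation

@dataclass
class AdminPanel:
    approved_ips: dict                             # staff -> IPs cleared by a second party
    sessions: dict = field(default_factory=dict)   # staff -> IP of the live session
    pending: dict = field(default_factory=dict)    # action id -> (requester, action)
    counter: int = 0                               # monotonically increasing action id

    def login(self, staff, ip):  # models the step after a correct password
        if ip not in self.approved_ips.get(staff, set()):
            raise Denied(f"{staff}: {ip} not approved by a second party")
        self.sessions[staff] = ip

    def _session(self, staff):
        if staff not in self.sessions:
            raise Denied(f"{staff}: no active session")

    def approve_ip(self, approver, staff, ip):
        self._session(approver)
        if approver == staff:
            raise Denied("cannot approve your own IP")
        self.approved_ips.setdefault(staff, set()).add(ip)

    def request(self, staff, action):
        self._session(staff)
        self.counter += 1
        self.pending[self.counter] = (staff, action)
        return self.counter

    def approve(self, approver, action_id):
        self._session(approver)
        requester, action = self.pending[action_id]
        if approver == requester:
            raise Denied("second approval must come from another account")
        del self.pending[action_id]
        return f"executed: {action} (by {requester}, approved by {approver})"

def blocked(fn, *args):  # True if a control denied the call
    try:
        fn(*args)
        return False
    except Denied:
        return True

def new_panel():  # constructed sample data: two staff accounts, known office IPs
    return AdminPanel({"alice": {"198.51.100.10"}, "bob": {"198.51.100.11"}})
```

With both passwords but an unapproved IP, neither account can log in, and neither can approve the other's IP because approving itself requires a live session.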