17 Ways to Improve Your Twitter Security Today

Katrina Power

Katrina Power

January 15, 2016

We know, we know.

Twitter is meant to be a free-for-all, an open mike, a way to take part in the global conversation. A space in which people who want to be heard, can be heard.

When you’re on Twitter, you’re putting everything out there. That’s the whole point of the social media platform.

But we’re not talking about achieving complete privacy on Twitter here. If you want to be unseen and unheard, then don’t even bother signing up.

No, we’re talking about Twitter security.

Most people don’t know anything about how to protect their Twitter accounts. This is quite shocking considering the constant flow of reports of spam and trolling, as well as the ever-growing list of high-profile Twitter security breaches.

Burger King’s account being plastered with McDonald’s icons. Fox News falsely reporting Barack Obama’s death. A leak of U.S. Central Command employee personal data. Australian MP Martin Foley “liking” saucy X-rated photos. UK Labor Party leader Jeremy Corbyn calling David Cameron a pie.

Don’t wait until you get locked out and your account starts blasting out messages comparing a world leader to a pastry before considering your Twitter safety. Follow the tips and tricks below to secure your account right now!

1. Twitter Safety Center is your friend

twitter safety center
The Twitter Safety Center was launched in August 2015, bringing together information that was previously scattered across the platform’s website into one convenient, easy-to-use space. Have security concerns, or would like to learn more about the Twitter privacy policy? Start with the Safety Center. Familiarize yourself with it. Love it.

To get to the center via desktop, you have to click your profile picture, then “Settings”, then “Security and privacy”. To get to the center via mobile, click the gear button, then your account, then “Privacy”.

2. So is the Data Dashboard

twitter data dashboard
The Twitter Data Dashboard contains some very valuable information that you’d be a fool not to bother looking at: your login history. Found under “Your Twitter data” via the “Settings” menu, it not only tells you when you logged in, but also where, and through what app.

Did an American computer sign in to the Twitter account on your British iPhone? Maybe. Who knows! You’ll never know unless you check your login history.

3. Uncheck your location, for goodness sake!

twitter location
Why would you voluntarily “Add location” when making a tweet? Twitter has the feature off by default because they know that it invites all kinds of safety issues and security threats. You’re essentially giving yourself a beeper collar and inviting yourself to be tracked whenever you add your current location.

Don’t check “Add a location to my Tweets” in the “Privacy” section. Don’t do it.

4. And while you’re at it, delete all location information from past tweets

twitter location
No one cares that you were at the Starbucks on 9th street last Friday. No one. Except for maybe criminals (of both the real-world and cyber persuasion).

Oh, and stalkers who use Creepy, a free app that scans all Twitter location data of whichever handle is searched and creates a literal map of everywhere that that person’s ever been.

Do yourself a favor and press the “Delete all location information” button in the “Twitter location” section of the “Privacy” page.

5. Turn off photo tagging

twitter photo tagging
Worried about a bot spamming your account with obscene pictures, or a coworker tagging you at that holiday party where you drank a wee bit too much and made a complete twat of yourself?

The solution is quick, easy, and painless: just check “Do not allow anyone to tag me in photos” under “Photo tagging” on the Twitter “Privacy” page!

6. Go incognito

twitter discoverability
If you don’t want your email address linked to your Twitter handle or are posting under a pseudonym, make sure to uncheck “Discoverability” in the Twitter privacy settings. Once you do so, people will no longer be able to find your account when they Google your email address.

Something to keep in mind if you don’t want potential employers or the like to find your tweets about what a pinhead your job interviewer was (because what is Twitter good for if not to horrendously overshare?).

7. Practice safe tweeting

make twitter private
Shockingly enough, it is possible to make Twitter private if you want to. You simply have to check “Protect my tweets” in the “Security and privacy” section.

From then on, people will need permission to follow you (though you’ll keep all your existing followers), only followers will be able to see any future tweets you make, no one can retweet you, and your tweets won’t show up in Google.

We think that this feature kind of defeats the whole purpose of Twitter, but hey, whatever floats your boat.

8. Restrict password resets

twitter password reset
Have you been receiving Twitter password reset requests that you haven’t asked for? Ward off wannabe hackers and other internet threats by checking “Require personal information to reset my password” in the “Security and privacy” section of your account settings. Once you’ve opted into the feature, you’ll have to provide your email address or phone number before an email request can be sent.

So so long as you don’t have those two tidbits of personal data plastered all over your Twitter account, you’ll automatically reduce the number of nefarious requests received, if not diminish them altogether.

9. Enable login verification

twitter login verification
If someone does manage to get ahold of your password, you can stop those ne’er-do-wells in their tracks with the Twitter two-step verification system. All you have to do is check “Send login verification requests to my phone” on the “Password” page, and then “Okay, send message” to receive verification codes via SMS texts.

Once the feature is enabled, you will have a brand new login code sent to your phone whenever you log in to your Twitter account!

10. Manage pesky third-party applications

twitter third party apps
Twitter never forgets.

Whenever you let a third-party app access your account, Twitter remembers it and allows the app to connect automatically in the future.

Handy, yes, but it can also be risky as some apps will request permission to send tweets and direct messages (DMs). Should any of these apps be compromised, your account could easily be compromised as well.

To prevent this from happening, do a clean sweep of your account now and again. Click the “Apps” tab on the settings page and click the “Revoke” button on any app that you no longer wish to be connected to.

11. Consider a URL expander

google chrome longURL
Due to Twitter’s character restrictions, many people use URL shorteners such as when adding outbound links. Good for staying within the limit, but bad for people who like to have some idea of where they’re going before they click on something.

To unshorten Twitter URL’s, you can either pop them into a click-and-paste web-based URL expander or use a browser extension such as Google Chrome’s LongURL that will automatically expand all links on Twitter upon installation.

That said, with the dawn of #beyond140 this nugget of advice may soon become obsolete!

(Side note: Screw #beyond140. We like our tweets short and sweet.)

12. Beware of phishing

twitter phishing
While on the subject of outbound links, be careful if you click on one and are unexpectedly sent to a Twitter login page. This probably goes without saying, but practice common sense and basic internet safety by double checking that the address actually says before entering any information.

If you do enter your information on a fishy site (pun intended, sorry) like, and suddenly find all your passwords changed and personal details compromised, really? You’ll have no one but yourself to blame.

13. Think twice (or thrice) before opening a direct message

twitter direct message
Received a DM from someone you don’t know? Opened that DM to find a link? Clicked on that link, only to find yourself in computer virus hell?

Don’t let curiosity kill the cat. Delete all suspicious DMs upon arrival.

(Alternatively, you could follow James Veitch’s example and start a jaunty correspondence with the spammer.)

14. Make use of Twitter block lists

twitter block lists
Trolling, scamming, and online bullying have been issues on Twitter since its inception. Former Twitter CEO Dick Costolo even once outright said—in a stunning display of eloquence—that: “We suck at dealing with abuse and trolls on the platform and we’ve sucked at it for years.”

In an attempt to put to a halt, or at very least severely cripple such behavior, in June 2015 Twitter launched a feature called block lists, which can be found under the “Blocked accounts” tab in your account settings.

Twitter block lists are useful in that users can both import and export them, giving them the option to block multiple accounts at once. That way you can identify and block bullies and spam accounts before they victimize you! Fancy that.

15. Consider a social media management system

twitter hootsuite
Social media management tools such as Hootsuite and Tweetdeck work to both streamline and safeguard your social media accounts. In addition to helping you track and manage multiple social network channels such as Twitter, Facebook, and Google+ all at once, they also act as a buffer for Twitter security issues such as XSS attacks.

16. Opt out of Twitter’s data broker relationship

twitter promoted content
If you’re going to use Twitter, you’re going to have to deal with advertisements. No if’s or but’s about it.

That said, there is a simple way to prevent the social media platform from collecting your external data to modify the ads that you see.

All you have to do is go to your settings, then to “Security and privacy”, and under “Promoted content” uncheck “Tailor ads based on information shared by ad partners”. Then, under “Personalization”, uncheck “Tailor Twitter based on my recent website visits.”

17. Use Tor or a VPN

twitter promoted content
After Twitter’s most recent state-sponsored hack, the social media platform urged users to consider using an anonymity software such as Tor when tweeting.

The suggestion was more than a tad hypocritical, given that Twitter has been accused multiple times of blocking users found using The Onion Router. While it is possible that they’ve had a change of heart, if you’d like to stay on the safe side, our comparison of Tor vs. VPN shows that while VPNs cannot promise near-complete anonymity like Tor can, they can offer comparable security and privacy for Twitter users.

Or, you know, you could always try turning your Twitter account into an un-breachable digital fortress by using both at once.

Did you find our Twitter security and privacy tips useful? Inform your network by clicking on the link below!

Exclusive Offer
Get NordVPN for only