How to keep your account from getting hacked
open allWhat for: So you don’t get hacked.
If you use a short and simple password, cybercriminals can guess it and hijack your account. A long and complex password is more secure. Use a strong password that:
- Is at least 8 characters long;
- Contains lowercase and uppercase letters, numbers, and special characters ($, @, etc.);
- Is not an actual word or easy-to-guess phrase;
- Is not the same as your passwords for any other accounts;
- Does not consist of information that strangers could easily find out (your name, date of birth, pet's name, and so forth — or those of your friends or relatives).
To change your password:
- Open the menu by tapping the icon in the upper left corner of the screen;
- Go to the Settings and privacy section;
- Select Account;
- Tap Password;
- Enter the current password for your X(Twitter) account;
- Enter a new strong password twice;
- Tap Update password.
What for: So you definitely don’t get hacked.
X(Twitter) can prompt you to enter an additional one-time code every time you log in to your account. If cybercriminals attempt to hack your account, they will not be able to log in without this code. The code can be received in different ways: via a text message (SMS) or using an authentication app.
To enable two-factor authentication:
- Open the menu by tapping the icon in the upper left corner of the screen;
- Go to the Settings and privacy section;
- Select Account;
- Tap Security;
- Select Two-Factor Authentication;
- Select the authentication method:
- Text message — receive a one-time code via SMS;
- Authentication app — a one-time code is generated in a dedicated app such as Authy or Google Authenticator;
- Security key — a one-time code is generated using a USB, Bluetooth or NFC authorization device such as YubiKey;
- Follow the on-screen instructions;
- When two-factor authentication is enabled, you will see a dialog box with a one-time backup code. Copy it and store it in a safe place. You need this code to access your account if you lose your phone. Note that you can log in using the backup code only in the Web version of X(Twitter).
You can get the code later by selecting Backup code in the Additional methods section.
Downside: If you use SMS-based authentication, X(Twitter) can use the specified phone number for targeted ads.
What for: To make sure that you are the only one who has access to the account.
You can view the history of logins and other activities carried out on behalf of your account. If you detect any suspicious activity, immediately change your password and terminate all active sessions except the current one.
To check the security of your account:
- Open the menu by tapping the icon in the upper left corner of the screen;
- Go to the Settings and privacy section;
- Select Account;
- Tap Apps and sessions;
- Check your personal data and activity history in the Sessions and Account access history sections.
To terminate all active X(Twitter) sessions except the current one:
- Open the menu by tapping the icon in the upper left corner of the screen;
- Go to the Settings and privacy section;
- Select Account;
- Tap Apps and sessions;
- Select Sessions;
- Tap Log out all other sessions.
How to keep corporations out of your business
open allWhat for: To use device resources sparingly and hide from cybercriminals.
X(Twitter) detects the approximate location of users based on the IP address. However, the app can also collect information about your precise location so you can geotag your posts and view targeted ads and recommendations. Note that if you once geotag your tweet, all your subsequent posts will be geotagged automatically until you disable this feature.
Transmission of geodata increases traffic usage and drains the battery. Information about your location can also help cybercriminals stage phishing attacks.
Precise location tracking is disabled by default, but we recommend checking this setting.
- Open the menu by tapping the icon in the upper left corner of the screen;
- Go to the Settings and privacy section;
- Select Privacy and safety;
- Go to Precise location;
- Clear the check mark next to Precise location.
It is impossible to remove geotags from previously published tweets in the Android app. To do so, follow instructions for the web version.
Downside: Third-party services can also geotag your tweets and do not always warn you explicitly.
How to defeat spammers and trolls
open allWhat for: To limit unwanted communication.
By default, only users whom you follow can send you direct messages. However, we recommend checking this setting:
- Open your profile by tapping the menu icon in the upper left corner of the screen;
- Select Settings and privacy;
- Tap Privacy and safety;
- Go to Direct Messages;
- Make sure that the Receive message requests toggle switch is turned off.
This will not affect users with whom you have already started chats. To stop them from sending you direct messages, blacklist them.
Companies and developers may send you direct messages requesting your location or access to media files. They use this information to configure recommendations. Note that this information can be shared with third parties, so treat such requests with care.
What for: To keep your peace of mind.
You can stop tweets containing specific words, hashtags, and smiley faces from appearing in your news feed and notifications. This lets you hide unwanted posts.
To configure the filter:
- Open the notification feed (by tapping the bell icon).
- Tap the cogwheel icon in the upper right corner of the screen;
- Go to the Muted words section;
- Select Muted words;
- Tap the icon with the + sign and add the word, tweets with which you want to hide;
- In the Mute from section, chose where to apply the filter: to the home timeline or the notification feed;
- In the Duration section, select for how long the filter should be effective;
- Tap Save.
By default, it is applied forever to both the home timeline and the notification feed. Also keep in mind that the filter is not case sensitive.
What for: To exclude adult and graphic content from the notification feed.
X(Twitter) can filter out content it designates offensive. This feature is disabled by default. However, we recommend checking the settings:
- Open the menu by tapping the icon in the upper left corner of the screen;
- Go to the Settings and privacy section;
- Select Privacy and safety;
- If Display media that may contain sensitive content is checked, clear the check mark.
Keep in mind that you will still see such content in search results. To stop X(Twitter) from showing it in search results:
- Open the menu by tapping the icon in the upper left corner of the screen;
- Go to the Settings and privacy section;
- Select Content preferences;
- Open Search settings;
- Set the Hide sensitive content check mark.
How to hide posts from unwanted people
open allWhat for: To get rid of unwanted people in the virtual space.
To stop a specific user from viewing your tweets and replying to them or sending you direct messages, you can block this user. The blocked user will not be able to view your profile or contact you.
To block a user:
- Go to the profile of the follower you wish to block.
- Tap the three dots icon in the upper right corner of the screen;
- Select Block;
- Tap Block in the window that opens.
The user will not be notified about getting blocked. However, if they visit your profile, they will see that you blacklisted them. In this case the blocked users can file a complaint against you and view all tweets in which you mentioned them.
You can unblock a blocked user any time (for example, if you blocked the user by mistake):
- Open the menu by tapping the icon in the upper left corner of the screen;
- Go to the Settings and privacy section;
- Select Privacy and safety;
- Go to the Blocked accounts section;
- Tap the Blocked button next to the account name to unblock it.
Keep in mind that if one of your followers shares the link to the photo attached to your private tweet, the image will be visible to all recipients.
What for: To avoid running into somebody you don’t wish to see.
Even if you block a user, you will still be able to see his account in search results. To exclude blocked accounts from search results:
- Open the menu by tapping the icon in the upper left corner of the screen;
- Go to the Settings and privacy section;
- Select Content preferences;
- Open Search settings;
- Select the check mark next to Remove blocked and muted accounts.
How to prevent your personal data from being exposed
open allWhat for: To prevent your contact details from ending up in the hands of cybercriminals in the event of a leak.
X(Twitter) can use your phone contact list to suggest you to follow their accounts. The service also uses contact list information to create targeted ads and form your news feed. This information can be shared with third parties, which increases the risk of leaks.
To disable contact synchronization:
- Open the menu by tapping the icon in the upper left corner of the screen;
- Go to the Settings and privacy section;
- Select Privacy and safety;
- Go to the Discoverability and contacts section;
- Tap Remove all contacts. This removes data collected by the service and disables contact syncing.
After that X(Twitter) will stop suggesting you to follow the accounts of your friends in your contact list.
Note that even after you disable synchronization, the X(Twitter) app will still have permission to access your contacts. To revoke it:
- Open Settings on the device.
- Go to the Apps & notifications section;
- Tap See all apps and select X(Twitter) in the list;
- Select Permissions;
- Tap Contacts and select Deny.
What for: To keep cybercriminals from learning sensitive information.
By default, your posts are visible to everybody, even people who do not have a X(Twitter) account. Information from posts can help cybercriminals stage phishing attacks. You can limit the visibility of your tweets to everybody except approved followers.
To limit access to your posts:
- Open the menu by tapping the icon in the upper left corner of the screen;
- Go to the Settings and privacy section;
- Select Privacy and safety;
- Turn on the toggle Protect your Tweets.
Now X(Twitter) users who want to read your posts will have to submit a request and wait for your approval.
Previously published tweets will remain public.
Also, people who were among your followers at the time when you made your profile private will continue to see your tweets.
What for: To prevent cybercriminals from using such information.
By default, other X(Twitter) users can find your account using your phone number or e-mail address. Information from your profile can help cybercriminals stage phishing attacks, so we recommend disabling this feature.
To stop users from finding your account using your phone number or e-mail address:
- Open the menu by tapping the icon in the upper left corner of the screen;
- Go to the Settings and privacy section.
- Select Privacy and safety;
- Go to the Discoverability and contacts section;
- Clear check marks next to:
- Let others find you by your email;
- Let others find you by your phone.
Downside: Other users will have a harder time finding your X(Twitter) account.
How to get rid of unwanted notifications
open allWhat for: To avoid distractions.
By default, X(Twitter) sends you notifications about the most interesting activities of other users (in the opinion of the service). If these notifications seem unnecessary, you can stop the app from notifying you about activities of specific user categories, e.g. those who have not confirmed their contact details (spammers often avoid doing this to save time):
- Open the menu by tapping the icon in the upper left corner of the screen;
- Go to the Settings and privacy section;
- Select Notifications;
- Set the check mark next to Quality filter;
- Tap Advanced filters and select check marks next to:
- You don’t follow;
- Who don’t follow you;
- With a new account;
- Who have a default profile photo;
- Who haven’t confirmed their e-mail;
- Who haven’t confirmed their phone number.
Downside: The filter does not apply to accounts that you follow or with which you recently interacted.
What for: To avoid distractions.
X(Twitter) can send you push notifications, text messages, or e-mails. Some of the notifications are marketing materials about recommended products, including from X(Twitter) partners.
To stop receiving such notifications:
- Open the menu by tapping the icon in the upper left corner of the screen;
- Go to the Settings and privacy section;
- Select Notifications;
- Go to the Email notifications section and clear check marks next to:
- News about updates to X(Twitter) products and features;
- News about X(Twitter) on partner products and other third-party services;
- Participation in X(Twitter) research surveys;
- Suggestions based on your recent follows.
We recommend reviewing other notification categories and disabling those that you do not want to receive.
Downside: Some notifications may contain information about service features and useful tips on using the platform.