Twitter for iPhone users: Medium privacy set

How to keep your account from getting hacked

Set a strong password

What for: So you don’t get hacked.

If you use a short and simple password, cybercriminals can guess it and hijack your account. The more complex and longer the password, the stronger it is. Use a strong password that:

  • Consists of 8–20 characters.
  • Contains lowercase and uppercase letters, numbers, and special characters ($, @, etc.).
  • Is not an actual word or easy-to-guess phrase.
  • Is not the same as your password for any other account.
  • Does not consist of information that strangers could easily find out (your name, date of birth, pet's name, etc., or those of your relatives and friends).

To change your password:

  1. Open the menu by tapping the icon in the upper left corner of the screen.
  2. Go to the Settings and privacy section.
  3. Select Account.
  4. Tap Password.
  5. Enter the current password for your Twitter account.
  6. Enter a new strong password twice.
  7. Tap Done.


Enable two-factor authentication

What for: Better protection against getting hacked.

Twitter can prompt you to enter an additional one-time code every time you log in to your account. If cybercriminals attempt to hack your account, they will not be able to log in without the code. You can opt to receive the code by text message or use an authentication app.

To enable two-factor authentication:

  1. Open the menu by tapping the icon in the upper left corner of the screen.
  2. Go to the Settings and privacy section.
  3. Select Account.
  4. Tap Security.
  5. Select Two-Factor Authentication.
  6. Select the authentication method:
  7. Text message — receive a one-time code in a text message.
  8. Authentication app — a dedicated app such as Authy or Google Authenticator generates a one-time code.
  9. Security key — a USB authorization device such as YubiKey generates a one-time code.
  10. Follow the on-screen instructions.
  11. When two-factor authentication is enabled, you will see a dialog box with a one-time backup code. Copy it and store it in a safe place. You will need this code to access your account if you lose your phone. Note that you can log in using the backup code only in the Web version of Twitter.

You can get the code later by selecting Backup code in the Additional methods section.

A hardware security key can be used only with the Web version of Twitter and only in combination with two-factor authentication by SMS message or a mobile app.

Downside: If you use authentication by SMS, Twitter can use the specified phone number to configure targeted ads.

Check the security of your account

What for: To make sure that you are the only one who has access to the account.

You can view the history of logins and other activities associated with your account. If you detect any suspicious activity, immediately change your password and terminate all other active sessions.

To check the security of your account:

  1. Open the menu by tapping the icon in the upper left corner of the screen.
  2. Go to the Settings and privacy section.
  3. Select Account.
  4. Tap Your Twitter data.
  5. In the browser page that opens, check your personal data and activity history in the Account and Account history sections.

To terminate all active Twitter sessions except the current one:

  1. Open the menu by tapping the icon in the upper left corner of the screen.
  2. Go to the Settings and privacy section.
  3. Select Account.
  4. Tap Apps and sessions.
  5. Tap Log out all other sessions.

How to keep your personal info private

Stop Twitter from detecting your location

What for: To spare device resources and to hide from cybercriminals.

Twitter uses IP addresses to approximate the location of users. However, the app can also collect information about your precise location to help you geotag your posts and view targeted ads and recommendations. Note that if you geotag one tweet, subsequent posts will be geotagged automatically until you disable the feature.

Transmission of geodata consumes data and power, and information about your location can also help cybercriminals stage phishing attacks.

Precise location tracking is disabled by default, but we recommend checking this setting.

  1. Open the menu by tapping the icon in the upper left corner of the screen.
  2. Go to the Settings and privacy section.
  3. Select Privacy and safety.
  4. Go to Precise location.
  5. Clear the check mark next to Precise location.

The app for iOS does not allow you to remove geotags from previously published tweets. To do so, follow instructions for the Web version.

Downside: Other services can also geotag your tweets, and they do not always warn you explicitly.

How to defeat spammers and trolls

Restrict contacts from sending you direct messages

What for: To limit unwanted communication.

By default, only users you follow can send you direct messages. However, we recommend checking this setting:

  1. Open your profile by tapping the menu icon in the upper left corner of the screen.
  2. Select Settings and privacy.
  3. Tap Privacy and safety.
  4. Make sure that the Receive messages from any users toggle switch is turned off.

This will not affect users with whom you have already started chats. To stop them from sending you direct messages, blacklist them.

Companies and developers may send you direct messages requesting your location or access to media files. They use the information to configure recommendations, and they can also share it with other parties, so treat such requests with care.

Exclude offensive posts from your news feed

What for: Peace of mind.

You can stop tweets containing specific words, hashtags, and smiley faces from appearing in your news feed and notifications.

To configure the filter:

  1. Open the notification feed (by tapping the bell icon).
  2. Tap the cogwheel icon in the upper right corner of the screen.
  3. Tap Muted.
  4. Select Muted words.
  5. Tap Add and type a word or phrase you do not want to see.
  6. In the Mute from section, chose where to apply the filter: your home timeline, notification feed, or both.
  7. Choose the type of users to whose tweets the filter will be applied: Anyone or From people you don’t follow.
  8. In the Duration section, select for how long the filter should be effective.
  9. Tap Save in the upper right corner of the screen.

Stop unwanted content from showing in your news feed and search results

What for: To exclude adult and graphic content from your notification feed.

The app for iOS does not let you exclude unwanted content from search results. To do so, follow instructions for the Web version of Twitter.

How to hide posts from unwanted people

Block unwanted users

What for: To keep unwanted people out of your virtual space.

To stop a specific user from viewing your tweets and replying to them or sending you direct messages, block the user. Blocked users will not be able to view your profile or contact you.

To block a user:

  1. Go to the profile of the follower you want to block.
  2. Tap the three dots icon in the upper right corner of the screen.
  3. Select Block @username.
  4. Tap Block in the window that opens.

The user will not be notified about getting blocked. However, if they visit your profile, they will see a message saying you blacklisted them. The blocked user can file a complaint against you and view all tweets in which you mentioned them.

You can unblock a blocked user any time:

  1. Open the menu by tapping the icon in the upper left corner of the screen.
  2. Go to the Settings and privacy section.
  3. Select Privacy and safety.
  4. Go to the Blocked accounts section.
  5. Tap the Blocked button next to the account name to unblock it.

Keep in mind that if one of your followers shares a link to a photo attached to your private tweet, the image will be visible to all recipients.

Stop blocked accounts from appearing in search results

What for: To avoid running into somebody you don’t want to see.

The app for iOS does not allow you to exclude blocked accounts from search results. To do so, follow instructions for the Web version of Twitter.

How to keep your personal data private

Disable contact synchronization

What for: To prevent your contact details from ending up in the hands of cybercriminals in the event of a leak.

Twitter can use your contact list to suggest accounts to follow. It also uses contact list information to create targeted ads and form your news feed, and it can share with outside parties, increasing the risk of leaks.

To disable contact synchronization:

  1. Open the menu by tapping the icon in the upper left corner of the screen.
  2. Go to the Settings and privacy section.
  3. Select Privacy and safety.
  4. Go to the Discoverability and contacts section.
  5. Tap Remove all contacts to delete previously collected data and disable synchronization.
  6. Disable the Sync address book contacts option.

Note that even after you disable synchronization, the Twitter app will still have permission to access your contacts. To cancel this permission:

  1. Open Settings on the device.
  2. Locate and select Twitter in the list of apps.
  3. Disable the Contacts option.

Make your account private

What for: To keep cybercriminals from learning sensitive information.

By default, your posts are visible to everybody, even people who do not have a Twitter account. Information from posts can help cybercriminals launch phishing attacks. You can limit the visibility of tweets to approved followers.

To limit access to your posts:

  1. Open the menu by tapping the icon in the upper left corner of the screen.
  2. Go to the Settings and privacy section.
  3. Select Privacy and safety.
  4. Select the check mark next to Protect your Tweets.

Now Twitter users who want to see your posts will have to submit a request and wait for your approval.

Previously published tweets will remain public.

Also, people who were among your followers at the time when you made your profile private will continue to see your tweets.

Stop users from finding your account using your phone number or e-mail address

What for: To prevent cybercriminals from using such information.

By default, other Twitter users can find your account using your phone number or e-mail address. Information from your profile can help cybercriminals stage phishing attacks, so we recommend disabling this feature.

To stop users from finding your account using your phone number or e-mail address:

  1. Open the menu by tapping the icon in the upper left corner of the screen.
  2. Go to the Settings and privacy section.
  3. Select Privacy and safety.
  4. Go to the Discoverability and contacts section.
  5. Turn off the toggle switches:
  6. Let others find you by your email.
  7. Let others find you by your phone.

Downside: Users may have a harder time finding your Twitter account.

How to get rid of unwanted notifications

Turn off unnecessary notifications

What for: To minimize distractions.

By default, Twitter sends you notifications about other users’ activities. You can stop the app from notifying you about the activities of specific categories of users — for example, users who have not confirmed their contact details (spammers often avoid doing this to save time).

To do so:

  1. Open the menu by tapping the icon in the upper left corner of the screen.
  2. Go to the Settings and privacy section.
  3. Select Notifications.
  4. Turn on the Quality filter toggle switch.
  5. Tap Advanced filters and select check marks next to:
  • You don’t follow
  • Who don’t follow you
  • With a new account
  • Who have a default profile photo
  • Who haven’t confirmed their email
  • Who haven’t confirmed their phone number

Downside: The filter does not apply to accounts that you follow or with which you recently interacted.

Stop Twitter from sending you ads

What for: To minimize distractions.

Twitter can send you push notifications, text messages, or e-mails. Some of the notifications are marketing materials recommending products, including some from Twitter partners.

To stop receiving such notifications:

  1. Open the menu by tapping the icon in the upper left corner of the screen.
  2. Go to the Settings and privacy section.
  3. Select Notifications.
  4. Go to the Email notifications section and turn off the toggle switch at the top of the page.

We recommend reviewing other notification categories and disabling those that you do not want to receive.

Downside: Some notifications may contain information about service features and useful tips on using the platform.