Twitter for Windows users: Medium privacy set

How to keep your account from getting hacked

Set a strong password

What for: So you don’t get hacked.

If you use a short and simple password, cybercriminals can guess it and hijack your account. The more complex and longer the password, the stronger it is. Use a strong password that:

  • Consists of 8–20 characters.
  • Contains lowercase and uppercase letters, numbers, and special characters ($, @, etc.).
  • Is not an actual word or easy-to-guess phrase.
  • Is not the same as your password for any other account.
  • Does not consist of information that strangers could easily find out (your name, date of birth, pet's name, etc., or those of your relatives and friends).

To change your password:

  1. Click More in the menu on the left to view advanced settings.
  2. Open Settings and privacy.
  3. In the Account section select Password.
  4. Enter the current password for your Twitter account.
  5. Enter a new strong password twice.
  6. Click Save.

Enable two-factor authentication

What for: Better protection against getting hacked.

Twitter can prompt you to enter an additional one-time code every time you log in to your account. If cybercriminals attempt to hack your account, they will not be able to log in without the code. The code can be received in different ways: by text message (SMS) or using an authentication app.

To enable two-factor authentication:

  1. Click More in the menu on the left to view advanced settings.
  2. Open Settings and privacy.
  3. In the Account section select Security.
  4. Select Two-Factor Authentication.
  5. Select the authentication method:
  6. Text message — receive a one-time code by SMS.
  7. Authentication app — a one-time code is generated in a dedicated app such as Authy or Google Authenticator.
  8. Security key — a one-time code is generated using a USB authorization device such as YubiKey.
  9. When two-factor authentication is enabled, you will see a dialog box with a one-time backup code. Copy it and store it in a safe place. You’ll need this code to access your account if you lose your phone. Note that you can log in using the backup code only in the Web version of Twitter.

A hardware security key can be used only in combination with two-factor authentication by text message or a mobile app.

Downside: If you use SMS-based authentication, Twitter can use the specified phone number for targeted ads.

Check the security of your account

What for: To make sure that you are the only one who has access to the account.

You can view the history of logins and other activities carried out from your account. If you detect any suspicious activity, immediately change your password and terminate all active sessions except the current one.

To check the security of your account:

  1. Click More in the menu on the left to view advanced settings.
  2. Open Settings and privacy.
  3. In the Account section select Apps and sessions.
  4. Check your personal data and activity log in the Sessions section.
  5. Click Log out all other sessions to end all active Twitter sessions except the current one.

How to hide your activity

Stop Twitter from showing your location

What for: To spare device resources and hide from cybercriminals.

Twitter receives information about your approximate location based on your IP address so you can geotag your posts and view targeted ads and recommendations.

Information about your location can help cybercriminals launch phishing attacks.

To disable geotags:

  1. Click More in the menu on the left to view advanced settings.
  2. Open Settings and privacy.
  3. Go to the Privacy and safety section.
  4. Select Location information.
  5. Clear the check mark next to Add location information to my Tweets.

To remove geotags from previously published tweets, in the same menu click Delete all location information and confirm your selection.

Downside: You will lose any geotags that you added to your tweets in the iOS or Android app. However, if you enabled the Precise location feature in the Twitter app on your mobile device, location settings in the Web version will not affect this feature.

How to defeat spammers and trolls

Restrict contacts from sending you direct messages

What for: To limit unwanted communication.

By default, only users whom you follow can send you direct messages. However, we recommend checking this setting:

  1. Click More in the menu on the left to view advanced settings.
  2. Open Settings and privacy.
  3. Go to the Privacy and safety section.
  4. Make sure that the Receive messages from anyone check mark is cleared.

This will not affect users with whom you have already started chats. To stop them from sending you direct messages, blacklist them.

Companies and developers may send you direct messages requesting your location or access to media files. They use this information to configure recommendations. Note that this information can be shared with third parties, so treat such requests with care.

Exclude offensive posts from your news feed

What for: Peace of mind.

You can stop tweets containing specific words, usernames, hashtags, and smiley faces from appearing in your news feed and notifications. This lets you hide unwanted posts.

To configure the filter:

  1. Click More in the menu on the left to view advanced settings.
  2. Open Settings and privacy.
  3. Go to the Content preferences section.
  4. Select Muted and then Muted words.
  5. Click + in the upper right corner of the screen.
  6. In the opened window:
  7. Enter the word or phrase that you want to mute.
  8. Select the check mark next to Home timeline.
  9. Select the check mark next to Notifications and select From anyone.
  10. Select the check mark next to Forever.
  11. Click Save.

By default, the filter applies forever to both the home timeline and the notification feed. Also keep in mind that the filter is not case-sensitive and does not apply to notifications from users you follow.

You can also configure the muting of tweets, comments, and notifications from specific users:

  1. Open the user profile whose publications you want to mute.
  2. Click the three-dot icon to the left of Follow.
  3. Select Mute @username.

You can view the list of users you’ve muted by selecting Muted accounts in the Muted section.

Stop unwanted content from showing in the news feed and search results

What for: To exclude adult and graphic content from your notification feed.

Twitter can filter out content it designates offensive. This feature is disabled by default. However, we recommend checking the settings.

  1. Click More in the menu on the left to view advanced settings.
  2. Open Settings and privacy.
  3. Go to the Privacy and safety section.
  4. Make sure that the Display media that may contain sensitive content check mark is cleared in the Security section.

Keep in mind that you will still see such content in search results. To stop Twitter from showing it in search results:

  1. Click More in the menu on the left to view advanced settings.
  2. Open Settings and privacy.
  3. Go to the Content preferences section.
  4. Select Search setting.
  5. Select the Hide sensitive content check mark.

Stop blocked accounts from showing in the search results

If you block a user, you will still be able to see their account in Twitter search results. To exclude blocked accounts from search results:

  1. Click More in the menu on the left to view advanced settings.
  2. Open Settings and privacy.
  3. Go to the Content preferences section.
  4. Select Search setting.
  5. Select the check mark next to Remove blocked and muted accounts.

How to hide posts from unwanted people

Block unwanted users

What for: To keep unwanted people out of your virtual space.

To stop a specific user from viewing your tweets and replying to them or sending you direct messages, you can block the user. Blocked users cannot view your profile or contact you.

To block a user:

  1. Go to the profile of the follower you wish to block.
  2. Click the three-dot icon to the left of Follow.
  3. Select Block @username.
  4. Select Block in the opened dialog box.

The user will not be notified about getting blocked. However, if they visit your profile, they will see that you blacklisted them. In that case, the blocked user can file a complaint against you and view all tweets in which you mentioned them.

You can unblock a blocked user any time (for example, if you blocked the user by mistake):

  1. Click More in the menu on the left to view advanced settings.
  2. Open Settings and privacy.
  3. Go to the Privacy and safety section.
  4. Scroll down and select Blocked accounts.
  5. Click Blocked to the right of the account that you wish to unblock.

Keep in mind that if one of your followers shares the link to the photo attached to your private tweet, the image will be visible to all recipients.

How not to expose your personal data

Remove synchronized contacts

What for: To keep your contact details out of the hands of cybercriminals in the event of a leak.

Twitter can use contact lists from your e-mail account and your mobile device to recommend users you might want to follow. The service also uses contacts to create targeted ads and form your news feed. This information can be shared with other parties, which increases the risk of leaks.

If you previously imported contact lists of your e-mail account or other services into Twitter, you can remove the imported contacts from the social network.

To remove contacts imported from other contact lists:

  1. Click More in the menu on the left to view advanced settings.
  2. Open Settings and privacy.
  3. Go to the Privacy and safety section.
  4. Select Discoverability and contacts.
  5. Select Manage contacts.
  6. Click Remove all contacts and confirm your selection.

Keep in mind that after this, contact syncing will be disabled on all devices.

Downside: Twitter will no longer be able to recommend accounts to follow from your contact list. However, you may still find some people from your contact list in suggestions.

Make your account private

What for: To keep cybercriminals from learning your sensitive information.

By default, your posts are visible to everybody, even people who do not have a Twitter account. Information from posts can help cybercriminals launch phishing attacks. You can limit the visibility of your tweets to everybody except approved followers.

To limit access to your posts:

  1. Click More in the menu on the left to view advanced settings.
  2. Open Settings and privacy.
  3. Go to the Privacy and safety section.
  4. Select the check mark next to Protect your Tweets.
  5. Click Protect.

Now Twitter users who want to read your posts will have to submit a request and wait for your approval.

Previously published tweets will remain public.

Also, people who were among your followers at the time when you made your profile private will continue to see your tweets.

Stop users from finding your account using your phone number or e-mail address

What for: To prevent cybercriminals from using such information.

By default, other Twitter users can find your account using your phone number or e-mail address. Information from your profile can help cybercriminals stage phishing attacks, so we recommend disabling this feature.

To stop users from finding your account using your phone number or e-mail address:

  1. Click More in the menu on the left to view advanced settings.
  2. Open Settings and privacy.
  3. Go to the Privacy and safety section.
  4. Select Discoverability and contacts.
  5. Clear check marks next to:
  6. Let others find you by your email.
  7. Let others find you by your phone.

Downside: Other users will have a harder time finding your Twitter account.

How to get rid of unwanted notifications

Turn off unnecessary notifications

What for: To avoid distractions.

By default, Twitter sends you notifications about the most interesting (according to the service) activities of other users. If these notifications distract you, stop the app from notifying you about activities of specific user categories (for example, those who have not confirmed their contact details; spammers often avoid doing that to save time).

To do so:

  1. Click More in the menu on the left to view advanced settings.
  2. Open Settings and privacy.
  3. Go to the Notifications section.
  4. Set the check mark next to Quality filter.
  5. Click Advanced filters and select check marks next to:
  6. You don’t follow
  7. Who don’t follow you
  8. With a new account
  9. Who have a default profile photo
  10. Who haven’t confirmed their email
  11. Who haven’t confirmed their phone number

Downside: The filter does not apply to accounts that you follow or with which you recently interacted.

Stop Twitter from sending you ads

What for: To minimize distractions.

Twitter can send you browser notifications and e-mails. Some of the notifications are marketing materials about recommended products, including from Twitter partners.

To stop receiving such notifications:

  1. Click More in the menu on the left to view advanced settings.
  2. Open Settings and privacy.
  3. Go to the Notifications section.
  4. Select Email notifications.
  5. Clear check marks next to:
  6. News about Twitter product and feature updates
  7. News about Twitter on partner products and other third party services
  8. Participation in Twitter research surveys
  9. Suggestions based on your recent follows
  10. Tips on Twitter business products

We recommend reviewing other notification categories and disabling those that you do not want to receive.

Downside: Some notifications may contain information about service features and useful tips on using the platform.