Account security is important—not just for online shopping and bank accounts, but your social accounts too. The damage someone could do to your personal and professional life can be devastating. Just like any other important account, you have to take the proper precautions to make sure you’re the only one with access.
A few weeks ago, I got a mention on Twitter from a very close friend of mine. It was a crude tweet with a link—something he would never do. I immediately jumped over to his profile to see that these sort of tweets had been happening for a couple of days, and there were a lot of them. Given the nature of his job, I knew this was bad. I called him up to let him know what was happening, and he took care of the situation quickly.
This is just one of many scenarios that can play out if you don’t properly secure your social accounts. Let’s talk about how to make sure this doesn’t happen to your Twitter account, shall we?
While you can do most of the stuff we’re going to talk about today from the Twitter app, we’ll be covering most of this stuff from the web.
Like with most, you’re going to want to start in your Twitter Account Settings. There are a few areas to focus on here, starting with your first line of defense: your password.
Choose a Strong Password
I know you’ve heard it all before, but I’m going to be the guy that keeps saying it until you listen: you have to use a strong password. This is not an option—if it’s easy for anyone you know to guess, it’s not strong! If all it takes is for someone to learn a little bit about you—favorite colors, pet names, children’s names or birthdays, etc.—to guess your password, then it’s a no go. I get it, those are the easiest to remember. I know. But they’re also the most insecure.
Of course, the more secure your password, the harder it is to remember. To that end, you really should use a password manager. I’ve been using LastPass for years—it has every password I actively use stored behind its locked doors, and it’s great. I remember my primary LastPass password, and it does the rest for me. It generates secure passwords and remembers them so I don’t have to.
Once you’ve committed to a lifestyle of secure passwords, it’s time to change that crummy Twitter password of yours. From Twitter’s Account Settings page, click on “Password.”
You’ll first have to input your old password, the choose a new one. If you set up LastPass (or any other password generator), I’d just let it do its thing here. When you’re finished, just click “Save changes.”
Good job, you’re now one step closer to having a safe account.
Use Two-Factor Authentication
Your second line of security is two-step authentication, which is also often called Two-Factor Authentication (or 2FA for short). Twitter actually simplifies this even more, just calling the feature “Verify login requests.”
Basically, this means that whenever you (or anyone else) tries to log in to your Twitter account, it will also require a unique code that is sent to your phone number. Of course it doesn’t help a whole lot if someone has your phone, but at that point you have a lot more to worry about than just Twitter.
To set up login requests, click the “Security and privacy” option on your Account Settings page.
The first option on this page is “Verify login requests”—go ahead and tick that box. A popup will show up, allowing you to set the feature up.
Click start here, then put in your password.
The next page will ask you to verify your phone number—click “Send code” once you’ve verified that the number is correct.
Within a few seconds, you should get a code sent to your phone. Input that code into the next screen to confirm.
After you input the code, it will let you know that login verification is enabled on your account and offer backup codes. If you don’t do this now, you can always get them later by accessing Settings > Security and Privacy again.
Once Login Requests has been enabled, a new option will also show up: Generate app password. Essentially, this will create a temporary password that you can use to log in to Twitter on new devices or in apps. The temporary password will expire after one hour, making this a nice security feature for quick logins.
With everything all set up, head down to the very bottom of the page and click “Save changes.” That’s important!
Require Personal Information with a Password Reset
In the same menu where you set up Login Requests, there’s another option you’ll probably want to enable as well: “Require personal information to reset my password”.
When you tick this box, Twitter will require personal information from you before allowing the password to be reset. This will essentially help prevent would-be wrongdoers from jacking your account by resetting your password.
Once you’ve ticked that little box, hit the “Save changes” button on the bottom of the page.
Keep an Eye on Connected Apps
Like with other accounts—Google, Facebook, etc.—you can use Twitter to log in to other apps and services. This is a very simple way of gaining access to specific services quickly and easily—especially ones that will ultimately be able to post Tweets to your account.
But over time, you may stop using these apps. That’s why it’s always a good idea to keep an eye on what you’ve granted access to. If you no longer use that app or service, revoke its access. No point in giving access to something you don’t use!
To this, click the “Apps” entry on your Account Settings page. It’s closer to the bottom of the page.
Just go through the list—if you see something obsolete, just click the “Revoke access” button. Repeat this process for any apps you don’t use. I’d come back and check this list once every few months too, just to keep it clean.
If you happen to accidentally click “revoke” on an app you still use, a “Undo Revoke Access” is at the ready for you. That’s convenient.
While there a handful of other areas in Twitter’s Accounts Settings that you may also want to take a closer look at—notifications, for example—they don’t necessarily directly correlate with securing your account. Making it less annoying? Sure. But not securing.
What we’ve covered here today, however, is the brick and mortar of making sure your account is as safe and secure as it can be.