March 20, 2015

How to Secure Your Twitter Account


Are you aware of the power of tweeting? If you are, I believe you have been tweeting like it's second nature. Even you may have come a long way to a point where you don't even wanna think about a day without Twitter too. Either if it's a primary social hub, a marketing tool or tweeting for fun, how would you feel to learn your Twitter account has been compromised?

It doesn't necessarily mean that your account has been hacked, but I don't think you would be pleased. However, you can always follow the recovery process to get it back. It can be simple as resetting your password and regaining access, or it may be complicated enough that you won't be able to retrieve your Twitter account.

Did you know that according to Twitter's Inactive Account Policy, if you were inactive on Twitter for 6 months since your last update or login, it can be permanently removed due to prolonged inactivity?


Security!


Twitter provides set of privacy and security features to keep user accounts secure, and been improving their platform in response to new security threats too. Prevention is the best. But when it fails, recovery suppose to have your back.

But at some points, if Twitter can't verify you as the owner, they simply won't be able to help you - even if it's not your fault. If everything fails, they will invite you to create a new account instead.

Thankfully, I've come across such a scenario through a wonderful tweep, and made me think of writing this post.

She did try everything she could to recover hers, but Twitter had no good response for her. I had to spend hours for days with dozens of failed attempts until we could recover her account at last.

It seems Twitter need to assess the worst case scenarios on security threats and recovery, and hopefully they will. Else I don't think anyone would be delighted to let go of their favorite Twitter profile and start another from scratch. Would you?


Secure or Recover?


Securing your Twitter account is your responsibility. If you are not aware of what you can do to improve the security, I will talk about available security settings here.

Most importantly, I'd take it from the aspect of recovery. In that way, you will come to know that some features of Twitter actually increase your chances of recovering your account, and help you keep a safe distance from security threats too.

Actually, you will be helping Twitter Support team to help you back. They will appreciate it.

Secure or recover? Let's talk about both and be prepared.


Mobile


Add Your Phone Number


Connecting your phone number to Twitter account allows you to receive SMS text message updates, and let you play with SMS commands. You may not even interested in those features, since you can access your Twitter account through the mobile app. Hence, adding your phone number may seem unnecessary or not a good idea after all.

But, from the aspect of your account's security, it's vital for the recovery process.

In case if you couldn't login to your Twitter account anymore, and lost access to your email address or didn't receive password reset emails from Twitter, you can be helpless. At such times, even Twitter Support may not be able to help you. Sounds unbelievable, but it's true.

In such a scenario, having your mobile number added to your account can be the only way you can regain access to your account.


If you still couldn't verify your mobile device with your Twitter account, now it would be the best time to add your phone number. Keep in mind that one phone number can only be associated with one Twitter account at a time.

Actually, this step alone can save you a lot of trouble in the recovery process.


Mobile App


Official Twitter Mobile app is another way to keep yourself connected to Twitter on your mobile device. You may not fond of the official Twitter mobile app, but if you do, make sure you are always logged into your Twitter account on your mobile device.

The reason is, in a worst case scenario, Twitter may able to assist you recover your account if you are still logged in via Twitter mobile app.


Alternatively, you can keep yourself logged into Twitter on your mobile device via its mobile website - mobile.twitter.com.


Security and Privacy


Login Verification


Login verification feature exists to assure you're the only one who can access your Twitter account. With this feature turned on, entering your password won't be sufficient to log in. In addition, you will need to enter a verification code too.

Hence, even if someone got to know your password, he / she won't be able to login to your account. It helps you keep your account more secure.


To enable this feature, you need to add your phone number to your account or have official Twitter app (Android / iOS) installed in your mobile device.


Password Reset


When you lost access to your account or forgot your password, you can request a password reset by entering your Twitter username. Then you will receive a password reset email to the email address associated with given username.

But if you have password reset feature enabled, Twitter will require your associated email address or mobile number to be entered prior it sends you a password reset email.


This is not a vital security feature, but it can discourage the intruders whom attempting to find a way to take over your Twitter account.


Discoverability


Discoverability manages how others can find you on Twitter using your personal information. If your friends know your email address or phone number, you can let them find you on Twitter by using those information.

Now let's think like a hacker for a 25 seconds. Shall we?

Imagine if someone wants to hack into your account. The first clue he / she might be interested in finding is: the email address associated with your Twitter account.

Eventhough your Twitter handle is transparent, others doesn't know your email address, password or mobile number associated with your account. But letting others find you by your email address can play into the hands of enthusiast. It's an opportunity for him / her to verify the email address associated with your account. Should we leave the slightest opportunity for bad guys?


Hence, turning off Let others find me by my email address option can take you one step ahead.

However, letting others find you by your mobile number may not impose such a risk. Even if someone knows your phone number, it doesn't give any advantage over you without being able to access your mobile device. Yet, you can turn it off if you don't find that option useful to you or your friends.


Apps


If you are very concerned about the security of your Twitter account, you need to keep your eyes on authorizing third-party apps too. Unless a bad or vulnerable application may end up compromising your Twitter account.

Apps tab let you verify which apps you have authorized to access your Twitter account, and what are the permissions you have granted to each application. If you have signed into a product or service via Twitter, you can see them listed here.


You can simply go through the list of applications and verify the permissions. If you come across any application that you no longer make use of or seem suspicious, use the corresponding Revoke access button to remove / disconnect the app from Twitter.

Further, let me share a helpful tip that may serve you on recovering your account.

If you have given access to Twitter Management Apps such as Twitter Mobile App, Buffer, HootSuite, TweetDeck, you may not wanna revoke access eventhough you don't use them. Keep at least one of such apps connected to your Twitter account. It will come in handy when you can't convince Twitter that you were the owner of your Twitter account.

You may not get WHY, but you will do in case if you lost access to your Twitter account and no other way of recovering.


More?


Now I hope you're aware of what Twitter settings can secure your account, and what actions will benefit you in the recovery process.

If you have been tweeting long enough, I believe you already know Twitter's safety basics too. Anyway, let me remind you of a few basics and be done with it.

● Make sure your email address is secure

● Use a strong password and never share it away online

● Report and block suspicious Twitter accounts you come to know

● Beware of suspicious links you come across via tweets or direct messages

After setting up preferred options and taking necessary actions on securing your Twitter account, ask yourself my question again,

How would you feel to learn your Twitter account has been compromised?


Enjoy :-)

19 comments:

Harleena Singh said...

Hi Mayura,


Informative post indeed :)

Yes, I still remember your wonderful post about how to secure our Facebook account, and now you tell us about our Twitter account - that is wonderful! I need to bookmark your post and come down to doing all the things you mentioned, but over the weekend!


Or else, I'd just message you if my account gets hacked, so you can help me too...lol...I know you are always there!


Thanks for sharing this with us. Have a nice week ahead :)

Adeel Sami said...

Hello Mayura,

Thanks for this post in time of where security is a must!

I was checking the security features the other day after like a year or two and was pleased to see more features added in there. Working on it because I do heart Twitter and my account!

I am glad to land on your blog after checking the post shared by @Harleena Singh on FaceBook!

Thanks!!

See me often!

~ Adeel Sami

TonmoyParves said...

Thank you Mayura for your complete guideline . Would you please write one more content for Facebook? I lost my Facebook accounts a lot's of time. So, if you please that will great

Lisa Sicard said...

Hi Mayura, Such great info! I didn't realize providing cell number was safer than email. This is so good to know as Twitter accounts do get hacked from time to time. Thanks so much! I would HATE to have mine compromised.

ArtaGene said...

Hi Mayura,
Some very good tips.

Here is one you didn't mention that I do, I use Last Pass and let it generate long and complicated passwords for all my accounts.

Before I got it, I almost always used one password to log into my blog, Twitter...Facebook.. thinking they were all in different places so what did it matter?
Since I don't have a very large Twitter account, never crossed my mind that anyone would want to hack it.
Guess people hack and sell or use the information inside?
Crooks always find a way!

As you said above, be prepared by leaving some setups in place and that will make the recovery easier if it becomes necessary.
C.
AG

Mayura De Silva said...

Hi Harleena,

Glad you found it informative dear :)

Ha ha... Of course, I'm here if you need me ;) But I'm sure you will rather keep enthusiasts out of your Twitter account and let no one play tricks on it.

It's nice of you to recall the post on Facebook as well. Last time you had to experience a similar situation on Facebook. Isn't it? But you recovered it very well :)

Now I hope this post will help you enhance the security and be prepared for security threats on Twitter too.

You have a lovely week too, Harleena :)

Cheers...

Mayura De Silva said...

Hi Adeel,

Right on, mate :) We can't afford to ignore the security of our online accounts.

Sounds like you are here on time as well. Glad you have been through security settings already and hope you will take further actions following this post too :)

I've witnessed some queries on forums that users were blaming on Twitter as they couldn't recover theirs anymore. I think we shouldn't wait until it's too late.

It's nice of you to come through Harleena's share and glad to have you mate :)

Cheers...

Mayura De Silva said...

Hi Tonmoy,

You're welcome and hope yours gonna be secured :)

I'm sorry to hear about your Facebook account though. Actually, I've already covered several topics on securing our Facebook accounts too. You can browse through the security topics and read the posts related to Facebook - Security :)

I hope you will find them helpful :)

Cheers...

Mayura De Silva said...

Hi Lisa,

Glad you enjoyed it and I know you would never dream of losing your Twitter account :)

Yeah, it really is :) Eventhough your Twitter account is compromised and email isn't accessible, having a verified phone number will save you.

You're right. Lately I've read many queries from tweeps who can't get back into their accounts too. Guess no one wanna be one of them.

Now I hope you will have yours more secure too, Lisa :)

Cheers...

Mayura De Silva said...

Hi Arta,

I'm glad you found them helpful, and you have a wonderful tip for a strong password there :)

One password for all make things easy for us and hackers as well ;) Hence LastPass or similar solution comes in handy.

There can be variety of reasons behind compromising too. As I know, it could be to misuse, sell / use personal information, you can be another victim of a prime target, or it can be just a bug in a third party app. As long as we value our Twitter efforts, we have to keep it secure.

You got it :) Believe me, some cases can leave us helpless on recovery and such tips can save a lot of your precious time.


Hope you will keep yours secure with what works best for you dear :)

Cheers...

Debbie D. (Doglady) said...

Thank you for this important information, Mayura. I've always been reluctant to hand over a phone number, but you've made me realize this may be a good thing. I would hate to have my twitter account hacked! That said, my passwords are all unusual, plus suspicious tweets are always reported and blocked. Cheers!

Adrienne said...

Hey Mayura,


This is really good information but I have a questions for you. I HATE giving out my cell number. I know that for account access they recommend it but I don't want people to start getting their hands on that number. That's the only reason I won't go this particular route but I guess any number that accepts text messages would be okay?


I try to keep my account pretty clean and I have to tell you, my password would be difficult to crack. I'm sure anything is possible of course but it would take them forever.


Either way I have it pretty secure but not the cell number to verify it. Thanks though for letting us know it's better safe than sorry.


~Adrienne

Mayura De Silva said...

Hi Adrienne,

Awesome! Nice to hear you have already secured your account dear :)

Of course, you can provide any number that can receive text messages. Adding your mobile number doesn't reveal it to anyone else though. But in case you locked out of your account and no way in, Twitter Support may want to verify it.

Fair point on providing personal information. If you don't feel comfortable providing any of your numbers, you can follow other tips as well :) They can help indirectly to ease the recovery process, so matters won't get worse even if it's out of your hands.


Cheers...

Carolyn Nicander Mohr said...

Hi Mayura, This is very helpful. I'm a big fan of two-step verification of passwords. Anyone who has had an account hacked knows the horrible feeling when you discover that a hacker now controls your account.


A hacker can do a lot of damage with a compromised Twitter account. Even businesses have discovered the embarrassment of hackers' tweets and they aren't pretty.


Thanks for keeping us posted on how to keep our Twitter accounts safer, Mayura!

Mayura De Silva said...

Hi Carolyn,

Nice to hear you found it helpful dear :)

You're absolutely right about that. I haven't been through it myself, but had the opportunity on recovering accounts though. Like you said, they aren't pretty and can make situations quite complicated.

Sometimes even Twitter Support leaves us no choice, but ask to move on and create a new account. Hence I thought these tips might come in handy for anyone can't afford to lose their accounts.

Now I have no doubt you have two-step verification set up already and hackers will give up after reading your comment ;) A simple step can make a big impact on security.

Cheers...

Donna Merrill said...

Hi Mayura,

Thanks so much for walking us through how to secure our Twitter account. This is something that I didn't give a second thought to. But something that is sure needed. As more and more people are attacking accounts, I sure wouldn't my Twitter to be un-secure.

Going off to apply this right now and of course sharing your awesome knowledge!

-Donna

Mayura De Silva said...

Hi Donna,

Awesome! ... for taking immediate actions :)

I'm glad to hear you enjoyed the post, and hope this will be helpful for tweeps especially to be prepared for the worst kind of scenarios dear :) Sometimes we don't bother until it's gone. Isn't it?

You'd be surprised how many out there still trying their best to get back into their Twitter accounts. Thankfully, I could help a tweep recover hers and learnt these crucial tips in the process.

Now I hope yours almost secured, Donna :)

Cheers...

maxwell ivey said...

hello; this post was a real education for me. i didn't realize that these things actually happened where someone lost their account because they couldn't convince twitter or prove to them that it was their account. I've noticed lately that some apps when authorized only work until the next time you use them and require you to continue to give them permission. I need to go through my authorized apps. and i plan to give a lot of thought to changing the let people find me via email to off. and i believe i have my phone number on my account but i will certainly add it if it isn't already there. lots of good advice. thanks for sharing, max the blind blogger

Mayura De Silva said...

Hi Maxwell,

I'm glad you found it helpful and especially, as you gonna take action mate :)


Yeah, it's the sad part of the story. Eventhough it was our account, if we fail to convince Twitter, we may not be able to recover it. Hence some of above tips may come in handy in the worst scenarios.

You're right. Some apps require to sign in each time you use them while others only need the first time :) I hope you will go through the authorized apps and make sure your list is safe.

At least, having your mobile number associated with your account can save you, Maxwell :) I hope yours already secured.

Cheers...

Post a Comment