Keep your Twitter account secure

Here are 5 things you need to know about protecting your Twitter account and keeping it safe from being compromised or hacked.

1. Twitter will only contact you in-app or via an email sent from an @twitter.com email address. We will never ask you to provide your password via email, Direct Message, or reply. We will never ask you to download something or sign in to a non-Twitter.com website. We will never contact you via other social channels e.g. WhatsApp. Never open an attachment or install any software from an email that claims to be from us but is not sent from an @twitter.com email address; it's not.
2. Turn on Login Verification and Password Reset Verifications. Turning on Login Verification or 2 Factor Authentication (2FA) provides an additional layer of security for your account by sending a One Time Password (OTP) to your mobile. More information can be found here. Password Reset Verification means that if you ever forget your password, you will be prompted to enter either your email address and/or phone number to send a reset password link.
3. Don’t click suspicious or unknown links. If someone sends you a link on Twitter that looks suspicious - even if it’s from someone that you know - don’t click on it. The other Twitter user’s account could be compromised and it’s important that you don’t click the link and compromise your own account. If you click on a link and find yourself on a page that resembles the Twitter login page, do not enter your username and password. Instead, go to twitter.com and log in directly from the Twitter homepage.
4. Don’t ignore emails sent to you from @twitter.com. We will occasionally send you emails regarding your account security and it’s very important that you read them. For example, when you log in to your Twitter account from a new device for the first time, we will send you a notification via email as an extra layer of security. Any time the email address associated with your Twitter account is changed, we will send an email notification to the previously-used email address on your account. In the event your account is compromised, these alerts will help you take steps to regain control of your account.
5. Use a strong password that you don’t use on other websites. Your password should be at least 10 characters long and use a mix of uppercase, lowercase, numbers, and symbols. Use passphrases, not passwords. Do not use common dictionary words or phrases.

If you’re concerned your account may have been compromised, you can find more information here about the steps you can take to help secure your account.

To request a password reset or contact our Support team, find out more here. You can also contact @TwitterSupport via Direct Message. For more information on account security, visit the Twitter Help Centre.