Check These Essential Twitter Privacy and Security Settings
Make your Twitter private and protect yourself from basic hacks on mobile and laptop.
Rae HodgeFormer senior editor
Rae Hodge was a senior editor at CNET. She led CNET's coverage of privacy and cybersecurity tools from July 2019 to January 2023. As a data-driven investigative journalist on the software and services team, she reviewed VPNs, password managers, antivirus software, anti-surveillance methods and ethics in tech. Prior to joining CNET in 2019, Rae spent nearly a decade covering politics and protests for the AP, NPR, the BBC and other local and international outlets.
1. Open the Twitter app on your phone, and tap on your circular profile picture to open your main menu.
2. Toward the bottom of the list, find and tap Settings and Privacy. This will open the Settings page.
While you're here, you can change your Twitter password from this screen by tapping Your account, and then tapping Change your password. Use a solid password manager to choose a strong password that you don't have to write down or remember.
3. In the Settings page, tap the fifth option on the list -- Privacy and safety.
4. You have a few options to boost your privacy here. These three are most helpful for people who worry that they are actively being singled out by others for harassment or attack. If that's you, don't forget to report any accounts that harass you.
To hide all your tweets from everyone except people you follow, tap Audience and tagging. When the next screen opens, toggle the Protect your tweets option on, and tap Photo tagging to turn that feature off.
If you want to open up your Direct Messages to everyone -- or close them so only people you follow can message you -- tap Direct messages. In the next screen you'll see three toggle switches you can adjust to suit your preferences.
If you want to prevent people from finding you on Twitter by using your email or phone, tap Discoverability and contacts. Under this menu, you'll be able to hit two toggles to stop others from searching you out with those bits of information.
The Privacy and safety menu is also the best place to manage what personal data Twitter is pulling from your mobile device and (partially, at least) what it does with that data. Changing these settings won't create much noticeable change to your normal Twitter experience, but they'll improve your privacy.
The first thing you should do is tap Off-Twitter activity. There's no reason to give Twitter access to your web-browsing habits, just because a site you visit has a Tweet embedded in it. And there's no reason to let Twitter build a dossier on you based on the mobile devices you use. Toggle off Allow use of where you see Twitter content across the web, and then toggle off Personalize based on your inferred identity.
If you tap Ad preferences, you can toggle Personalized ads off to reduce some of Twitter's ad targeting.
You'll find another toggle in the Privacy and safety sub-menus labeled Data-sharing with business partners and two more toggles under Location information. Twitter doesn't need that much access to your personal data to do what you want it to do. Turn all three toggles off.
Change Twitter privacy and safety settings on laptop or browser
Changing your settings on a laptop or a browser is a process that looks slightly different than making changes on mobile, but the same basic steps are involved.
1. Once you're logged into Twitter with your username and password, you should be on your main Home screen.
2. On the left side of the page you'll see a list of options. Click More. In the sub-menu that drops down, click Settings and Privacy.
3. Click Privacy and safety. Just as described for mobile users in the section above, you can lock down your account for a range of audiences.
Under the Your Twitter activity section, you'll find menus labeled Audience and tagging as well as Discoverability and contacts. You'll find options in both of those menus that are helpful if you're concerned about being specifically targeted (as opposed to being vulnerable to mass attacks). This is also where you can find Mute and block options -- whether you're tired of seeing a particular person, a trending hashtag or a sensitive word.
Under the Data-sharing and off-Twitter activity section, you'll see four menus and you should click and turn off the toggle options in each.
Go back to the Settings and privacy menu where you started, and tap Security and account access. The three options you see on the screen that comes up next are simple, but they're the best way to make sure your Twitter account isn't considered low-hanging fruit by malicious actors who buy-and-try user credentials en masse.
Tap Security, and tap Two-factor authentication. Twitter offers three options to choose from -- text message, authentication apps (like Okta), or security key -- so pick one that's most convenient. Enabling two-factor authentication won't protect you from all hacks, but it will shield you from an entire category of them. While you're there, toggle-on Password reset protection to protect yourself from others who are trying to reset your password.
Take some time to check out the four options under Apps and sessions. You should familiarize yourself with the tools here because they could come in handy. From this screen, you can make sure there aren't any shady apps hooked into your account. Be sure to check the Sessions menu to see the entire list of devices that are currently logged into your account. Are you sure all those devices are yours? If not, kick them out and change your password immediately.
What if I get a fake Twitter DM?
If you get a suspicious Twitter Direct Message, report and block the account. In the screen displaying that DM exchange, tap the small information icon -- a circle with a lower-case i inside of it -- located in the top-right corner of the screen. It will be directly to the right of the name of the person sending you the DM. When you click the icon, the Conversation info screen will appear, from here you can select both Block @username or Report @username.
How do I see sensitive media and content on Twitter (or block it)?
To control whether you can see sensitive content in your timeline, including content with adult themes, open your main Twitter menu on the mobile app and select Settings and Privacy. If you're using a browser go to your Twitter Home page, click More, then click Settings and privacy to get to the same place. From Settings and privacy, select Privacy and safety, then select Content you see. If you want to see sensitive media, add a check to the box beside Display media that may contain sensitive content. To avoid sensitive content, you can remove the check from the box. After all, there are some things that just can't be unseen.
Note that the sensitive content checkbox did not appear on iOS or iPadOS during testing.
What do I do if my Twitter account is hacked?
If you're still logged into your Twitter account, do not log out yet. You can also check to see if you've got another device that's still logged in -- an old phone, a spare laptop, a friend's device you previously logged in with. If you're logged in on any device, change your Twitter password as fast as possible. On mobile: Tap your profile picture to bring up the main menu, then tap Settings and privacy, tap Your account and finally Change your password. On a laptop or in a browser: Go to your Home screen, select More, then Settings and privacy, followed by Your account and Change your password. If you've changed your password, the intruder is logged out automatically. Now also go change the password to whatever email address you use for your Twitter account. If you're still logged in but you can't remember your password, quickly kick the intruder out of your account, make sure they haven't changed your Twitter account's email address, and then reset your Twitter password via email. To kick them out, go to Settings and privacy again. Now go to Security and account access, then Apps and sessions and then Sessions. Click Log out of all other devices.
They're out but the clock is ticking. Quickly go back to Settings and privacy and look under Your account. Make sure your email address is still the one listed here. If not, click Email, then click Update email address and change it to any email address you know you've got access to. Now go back to the Your account screen, click Change your password and then Forgot password.
If you're locked out of your account, try a password reset. If the email address you're using with Twitter is also compromised, enter your mobile number into the password reset field. If you don't have access to either your email or mobile number, you're in a tough spot. You can submit a Twitter Support Request, but you may still need to regain access to your email address. Twitter has a convenient link list so you can find your email provider's support contact.