With Twitter in chaos, some ways to protect your account

Security experts warn that the drastic job cuts may open the door to bad actors exploiting the platform's vulnerabilities and compromising user account


  • Follow us on
  • google-news
  • whatsapp
  • telegram


Published: Sat 19 Nov 2022, 8:15 AM

Twitter is in chaos. Elon Musk, its new owner, has decimated its staff and this week gave those remaining an ultimatum — work grueling hours and be “extremely hardcore” or leave. Hundreds chose the latter and headed for the door.

There are already signs that the exodus is stressing the system. Some users noticed problems receiving texts to sign in with two-step verification. Test pages are showing up in the wild. Some users are seeing a renewed barrage of spam in direct messages and on their feed, while others complain of receiving new replies to long-deleted tweets and seeing saved tweet drafts disappear. Still, the bird site is chugging along.

Twitter won't simply shut down overnight. But security experts warn that the drastic job cuts may open the door to bad actors exploiting the platform's vulnerabilities and compromising user accounts.

While there’s not much you can do about Musk’s on-the-fly teardown of one of the world’s key online information ecosystems, there are steps to protect your account if you, like millions of other Twitter users, are not ready to fly the coop in search for an alternative.

Enable multi-step authentication

If you only use your login and password to sign in to Twitter, it's important, especially now, to add an extra step to the process so it becomes more difficult for hackers to access your account.

Twitter has three methods to choose from: text message, an authentication app or a security key. Since there have been some glitches with users not receiving text messages to authenticate their accounts, and because it is generally considered a safer option, using the authentication app is probably your best bet.

To do this, you will need to download one of a number of available applications to your device. They are free in the Apple or Android app stores and some examples include Google or Microsoft Authenticator, Authy, Duo Mobile and 1Password.

Once you have the app, open the desktop version of Twitter and click on the icon showing ellipses in a circle. There, you'll find “Settings and privacy” then “Security and account access” and finally, “Security.” Here, you can select “Authentication app” and follow the instructions to set it up. Twitter will ask you to share your email address to do this, if you have not already.

Once you are all set, you can use the auto-generated numeric codes from your authentication app to add an extra layer of security when logging in to Twitter.

Shut down third-party access

Jane Manchun Wong, an independent software and security researcher in Hong Kong who follows Twitter closely, recommends revoking permissions to third-party sites and apps through your Twitter account.

That's because if there is a potential security problem with Twitter's API (or Application Programming Interface, which lets third parties access Twitter data to create apps that work with Twitter, for instance) with fewer people working at the company, patching it up will inevitably take longer.

To turn off this feature, start in the “Security and account access” tool and go to “Apps and sessions." Here, you should find all the third-party apps that have are connected to your Twitter account — including some you may have linked years ago that no longer exist — and you can revoke access to each one.

Download your archive

For the nostalgic, for research or for the digital hoarders among us, the idea of losing a decade or more of our tweet history is a catastrophe. Fear not, though. It might take some time, but you can download your Twitter “archive" if you'd like to ensure it's preserved — just in case.

As with other more complex features, this tool is only available on the desktop version of Twitter, in the “Your account” section of settings. You will have to enter your password again and go through two-factor authentication if you have that set up. When your archive is ready to download, you will get a notification on Twitter. Again, you will have to download it on the desktop version of the site. While normally this process takes about 24 hours, it may take longer now. Some users have also reported having to try more than once.

Preserve your followers list

While there's no perfect replacement for Twitter — and of course Twitter is still here! — many users, especially those in journalism, tech and academia, are signing up for Mastodon, a previously little-known platform that launched in 2016. Mastodon is a decentralized social network. That means it’s not owned by a single company or billionaire. Rather, it’s made up of a network of servers, each run independently but able to connect so people on different servers can communicate. Signing on can be complicated — you will need to pick a “server” to join, but regardless of which one you choose, you can still communicate with people on other servers, kind of like how you can email people from your Gmail account even if they are on Outlook or another email server.

Once you're in, you can go to fedifinder.glitch.me and find your Twitter following or any Twitter lists you might have to see if they also have Mastodon accounts. Many Twitter users are also listing other social networks and content information in their bios or even Twitter display names so people can get in touch with them — just in case.


More news from Business