Using Twitter Safely


Nasir uses twitter when he’s on the go. it's how he shares links and connects to other sectors in the country. So he has to ensure he isn't giving away too much information through his privacy settings.

As with any social network, Twitter is vulnerable to over sharing, data leakage and unintended consequences.

Like Facebook and Google, Twitter is also driven by ad revenue so it’s very interested in what its users are up to when they’re using Twitter and when they aren’t (you did realise that Twitter tracks the websites you visit didn’t you?).

First things first. You’ll find the privacy settings at under the gear icon, then Settings.

Then click Security and privacy over on the menu to the left of your screen.

Twitter’s security settings

The first section is about Security and how you access your Twitter account.


This is set by default to off. Make it harder for an unauthorised person to login to your account, by choosing to receive login verification requests via a text message on your phone or the Twitter mobile app.


Set by default to off, you only need to enter your Twitter username.

Check the Require personal information to reset my password so that two factors are required and, most importantly, so you can avoid reset emails and get a code sent by SMS to your phone instead.

Twitter’s privacy settings

The second section is about how private you choose to make your Twitter account.


Like Facebook, others can tag you in a photo, which is just like a ‘mention’ on Twitter – you get ‘mentioned’ in the uploaded photo.

This is set by default to on, meaning anyone can tag you in a photo. Use the radio buttons to restrict tagging to people you follow back, or disable photo tagging altogether.


By default, Protect my Tweets is off, and anyone on Twitter, all your followers, and anyone searching Google can see your tweets. If you check the box to protect your Tweets, it locks down your visibility. A lot.


This is set as ‘off’ by default and you have to opt-in to use it. You can also specify before you tweet whether you want the location information on or off.

Keep locations off, there are too many unintended consequences, and delete all past location information to be on the safe side.


Let others find me by my email address is on by default and enables people who may not know your Twitter handle, but do know your email address, to find you.

Apply the ‘principle of least privilege’ here. If you can think of a really good reason why you want to be discoverable by your email address (we can’t) then switch it on, otherwise turn it off.


Personalization is about tailoring suggestions of which accounts to follow, based on information that Twitter gathers about you around the internet.

You can turn it off by unchecking the box next to Tailor Twitter based on my recent website visits.


Twitter has ads. These are in the form of paid-for sponsored tweets, Twitter Cards, and promoted accounts. If you want Twitter to “bring you more useful and interesting advertising content”, you won’t uncheck this box.Twitter has partnered with third party ‘behavioural advertising’ companies (behavioural ads are the ones that follow you around from website to website). If you visit a website that’s in of those advertisers’ networks then their ads can now follow you on to Twitter too.

The setting Tailor ads based on information shared by ad partners is on by default. Switch it off by unchecking the box.

You can also disable personalization and promoted content by switching on Do Not Track in your browser. As we mentioned, Twitter has been honouring Do Not Track for a long time, and it says in a support article, “When you have DNT enabled in your browser, Twitter would not receive browser-related information from our ads partners for tailoring ads.”


Continue the conversation.

Visit to post comments and get advice from a community of security experts

Summary steps

  • To effectively use Twitter safely, and reduce the risks of being tracked or being monitored, please turn off location settings and also, disable personalized ads by enabling “Do Not Track” in your browser.