How to change your Twitter password and secure your account

After a glitch exposed the passwords of its 330 million users to Twitter’s internal systems, the social media giant is recommending that everyone change the passwords they use with the service.

The process takes less than a minute, and should be considered essential for anyone with a Twitter account, especially if you use your Twitter password across multiple websites.

While we’re here though, it’s definitely worth changing your password properly and enabling two-factor authentication. Otherwise you’re going to end up with a password that’s just as prone to problems as what came before. (It doesn’t help that Twitter seems to be a little bit behind when it comes to online security best practice, with its on-site password strength checker rating simple phrases like ‘jonloveshalfpints’ as ‘Strong’.)

Here’s how you should change your Twitter password:

  • Log in to Twitter on desktop if you’re not logged in already
  • Click your profile picture on the top right
  • Click ‘Settings and Privacy’ from the drop-down menu
  • From the menu on the left, select ‘Password’
  • Type your current password
  • Optional: Use your password manager to generate a new password
  • Type your new password twice to confirm it
  • Click ‘Save changes’

If you don’t already have a password manager, then our guide to the best password managers has all the information you need to get yourself up and running.

While we’re here, it’s really worth setting up two-factor authentication to give yourself that extra layer of security.

If you don’t know what that is, then think of those services that send you a code via text that you use to log in, meaning that only someone with access to your phone can get into your account.

Text messages are okay, but it’s much more secure and convenient to use a dedicated authentication app, which will work even if your phone doesn’t have signal. Google Authenticator is a good option, and we also like Duo for the convenience of push notifications.

Here’s how to get it set up:

  • Download your authentication app of choice
  • Head into your Twitter settings on desktop by choosing ‘Settings and privacy’ from the drop-down menu that appears when you click your profile picture on the top right
  • Click ‘Review your login verification methods’ which should appear just below the ‘Security’ sub-heading in the middle of the page
  • Re-enter your password if requested
  • Next to the ‘Mobile security app’ option, click ‘Set up’, then click ‘Start’
  • You might need to re-enter your password at this point
  • A window will pop up showing a QR code; open the authenticator app you downloaded on your phone, and go through the process of adding a new site; this will open a camera app that you use to scan this QR code
  • Your app will now show a 6-digit code; enter this on your desktop when requested

After this point, you’ll need to open the app to generate this code whenever you want to log into Twitter on a new device.
