How to make sure your Twitter doesn't get hacked like Jack Dorsey's

Key Points
  • Several high-profile Twitter accounts have been hacked recently, including Twitter CEO Jack Dorsey's.
  • You can turn on certain security protections that will make it harder for hackers to gain access to your account, even if they get your password.
  • Here's how to turn on two-factor authentication on Twitter.
Twitter CEO Jack Dorsey arrives at the "Tech for Good" Summit in Paris, France May 15, 2019.
Charles Platiau | Reuters

Last week, Twitter CEO Jack Dorsey's account was hacked. When it happened, bizarre messages, including with racial slurs and one that defended Nazi Germany, were posted to his 4.2 million followers.

On Wednesday, Hollywood actress Chloe Moretz's account, which has more than 3.1 million followers, was also hacked. Similarly strange messages were tweeted in her name, including what was allegedly Dorsey's Social Security number. Then, also on Wednesday, another account owned by rapper Joey Badass was breached. This time, private messages between Joey Badass and Chloe Moretz were shared to Twitter.

You can see the problems here: If your account was hacked, the people who gain access can tweet anything they want. For a moment it might make people think it's actually you. Any private conversations you've had over direction message could be shared, your account could be used to post embarrassing photos of other people and more.

It sure makes one wonder what Twitter's doing to secure accounts of world leaders, like President Trump. An attack on his account could cause serious harm.

It's not clear how the attacks took place: if it was simply breached passwords or something more complex. But Twitter said on Wednesday that it's temporarily turning off a feature that let people tweet by sending a text to Twitter. Perhaps it's related.

Twitter has some protections in place that can help you prevent this from happening. You need to turn on two-factor authentication. Doing this means you'll need to enter in a code that Twitter sends you each time you try to log in from a new device. It prevents someone from logging in with just your password.

Two-factor authentication isn't perfect. Avoid the "text message" option that can still leave you vulnerable to hackers who can gain access to your phone's SIM card by calling your wireless carrier and tricking the company into transferring your number to another SIM card. But there are other options you can use. I'll explain how to protect yourself.

How to prevent your Twitter account from being hacked

  • To get started, you first need to download a mobile security app. Several exist, but I use Microsoft Authenticator. You can download it for Android and for iPhone.
  • Open Twitter on your iPhone or Android device.
  • Choose Account.
  • Tap Security.
  • Select Login verification.
  • Turn Login verification on.
  • Choose "Mobile Security app." (As I mentioned above, don't choose the text message option.)
  • Enter your Twitter password.
  • Tap Set up now.

That's it. Now you'll be on a screen inside the Microsoft Authenticator app that shows you a six digit code you need to use to log-in to Twitter.

The next time you log in, you'll be asked for your password and then for this six digit code, which changes every 30 seconds. Without access to this code, hackers will have a more difficult time trying to get in to your account.

Jack Dorsey's Twitter feed apparently hacked