
Don't Give Others Your Twitter Password

As Twitter has become better at shutting down malicious apps, we've seen more of the bad guys asking users for their Twitter passwords. Once they have your password they are able to seize control of your account for their own purposes. This can cause huge damage to your account and can often be irreparable.

Under no circumstances should you ever give anyone your Twitter password, or the verified phone number on the account. If a website has asked you for your password after signing you up to their service, or after taking payment from you, then they are clearly trying to deceive you - especially if they did not inform you beforehand that they would be requiring your password.

Tip: Use 'Sign In With Twitter' Instead
  • Good: Using 'Sign In With Twitter' to log into an authorized app
  • Bad: Giving your actual Twitter password to someone

Why Is It Bad

Any website or app that is asking for your actual password is doing so because Twitter has blocked them from integrating directly as an authorized app. This is because they are usually doing bad things to your account, such as:

  • Posting tweets without your permission
  • Sending DMs to your followers
  • Stealing your personal data
  • Aggressively following and unfollowing others
  • Spreading viruses and holding you to ransom
  • Hacking your other accounts
  • Engaging in identity theft
  • Selling actions made in your account to others
  • Selling your Twitter account
  • Changing your email and password (locking you out)
  • And the list goes on...

At a minimum your account will usually be locked by Twitter when the operator starts to perform actions in it (you will usually be able to unlock it). Unfortunately, in many instances your account is likely to be suspended, or possibly even stolen and lost forever. In some cases you may even face legal jeopardy if they break the law with it.

How To Secure Yourself (Again)

If you have given your password out then you will need to take action quickly to protect yourself. In a nutshell, this is what you need to do:

  • Change your password
  • Log out all devices
  • Review your apps
  • Set up login verification (with a phone)
  • Look for actions you didn't make

You can change your Twitter password on the settings page.

screenshot of changing twitter password

Next you should head down to the apps and devices tab and click the 'Log out all' link. This will log the bad guys out of your account.

screenshot of logging devices out of twitter

On that same page you should take the time to review all the apps that you have connected to your Twitter account. If there are any you don't recognize or trust, then revoke their access. You should see twiends in that list. Needless to say we hope you'll keep us connected, but feel free to revoke access if you are not using twiends.

screenshot of reviewing apps

On the account tab you should look to add login verification using your phone. This means that Twitter will send you a code when you try to log in. It's just an extra layer of security for your account. You may need to add your phone number first if you have not already done this.

screenshot of login verification on twitter

Finally, you should take some time to scan through your recent tweets and DMs to see if there are any suspicious posts you did not make yourself. If you find any then delete them. You should also check your recent likes and retweets.

Stop The Bad Guys

Now that your account is secure again you need to try and recover any money you paid to the bad guys. If someone asked you for your Twitter password in order to promote your account, then it is likely they asked you for a PayPal or card payment at the same time. In order of preference you should look to do the following:

  • Ask them for a refund (they may or may not comply)
  • File a PayPal dispute
  • File a chargeback with your bank

If you paid via PayPal then you can use their dispute resolution process to recover your payment. Otherwise if you paid via a card then you can definitely ask your bank to cancel the payment via a chargeback. If their service is legitimate and they are not breaking any of the rules then you may have a tough time getting your money back, but if they are asking for your password and breaking rules then you may have a strong case.

Use 'Sign In With Twitter'

The recommended way to authorize an app is to use Twitter's sign in capability. Apps that use this capability need to be authorized by Twitter and do not require that you divulge your password to others.

screenshot of twitter sign-in


The golden rule is never to give out your Twitter password and only to ever use 'Sign In With Twitter' to connect to apps you trust. If you have already given out your password then follow the steps in this article to take back control of your account today. Finally, recover your funds from those that have asked you for your password and stay clear of their 'services' in the future.

Twiends™ uses the Twitter™ API, displays its logo & trademarks, and is not endorsed or certified by them. These items remain the property of Twitter. We do not sell followers, we only provide display advertising. Bots & fake accounts are not permitted on twiends. © 2009