Improved account security during the 2020 US election

Thursday, 17 September 2020

Voters, political candidates, elected officials and journalists rely on Twitter every day to share and find reliable news and information about the election, and we take our responsibility to them seriously. As we learn from the experience of past security incidents and implement changes, we’re also focused on keeping high-profile accounts on Twitter safe and secure during the 2020 US election.

We’re taking the additional step of proactively implementing account security measures for a designated group of high-profile, election-related Twitter accounts in the US. Starting today, these accounts will be informed via an in-app notification from Twitter of some of the initial account security measures we will be requiring or strongly recommending going forward. 

While we’re requiring some accounts do this given the unique sensitivities of the election period, everyone on Twitter can take advantage of these security measures, (and we encourage them to do so!)

What types of accounts are in this designated group?

  • US Executive Branch and Congress
  • US Governors and Secretaries of State
  • Presidential campaigns, political parties and candidates with Twitter Election Labels running for US House, US Senate, or Governor
  • Major US news outlets and political journalists

What account security requirements and recommendations will be communicated today?

  • Accounts will be required to use a strong password. Accounts with a weak password will be required to update and use a stronger password the next time they log in.
  • Twitter will enable Password reset protection for accounts by default. This is a setting that helps prevent unauthorized password changes by requiring an account to confirm its email address or phone number to initiate a password reset.
  • Accounts will be strongly encouraged to enable Two-factor authentication (2FA). 2FA provides an additional layer of security to protect accounts from unauthorized logins.

Here is what the first notification will look like:

This post is unavailable
This post is unavailable.

In the coming weeks, Twitter will also implement additional proactive internal security safeguards for these accounts, including:

  • More sophisticated detections and alerts to help us, and account holders, respond rapidly to suspicious activity
  • Increased login defenses to prevent malicious account takeover attempts
  • Expedited account recovery support to ensure account security issues are resolved quickly

Implementing these security measures is a critical preventative step, and you will continue to see us introduce new protections and features to help safeguard accounts on Twitter.

This post is unavailable
This post is unavailable.