Edit: January 22, 2023
I have made some revisions to this post after new policies have been enacted regarding the linking to competing social media sites. That was done when it was initially changed and I have not logged back in since. In fact, I set my password using a random password generator and didn’t save it. The real life equivalent of locking the door and throwing away the key. I am never going to be back and after the last round of hacks I just wanted to make doubly sure the password was secure.
With that being said, some of the information below may be incorrect or out of date as functionality may have changed. I am not going to go back and look.
When I left Twitter, I was concerned about some of the personal information Twitter has on me. The obvious solution is to delete my account and request data deletion but there are two problems with that. One, after thirty days your Twitter username becomes available and bad actors can take it and start impersonating you. Two, with everything happening at Twitter there is no guarantee that a data deletion request will be honored.
This is my approach but understand that this is not a comprehensive guide and I am doing everything I think will help to safeguard my personal data and possible impersonation.
A few important things to remember about Twitter:
They have my email address
They have my phone number
They have my location information
They learned what are my interests, and incorrectly guessed others
They know who I interacted with
They have records of my IP address
I know there is a lot I cannot do to remove what they have already on me, but I can take some steps to reduce what they can keep and use to sell. I also think that keeping an account inactive hurts Twitter more than deactivating it because the metrics looks at total number of active users.
Now to start putting my Twitter account into a dormant state
First I got a cheap voice/text only SIM card off of eBay. The one I got was $30 yearly and comes with 200 voice minutes, 1000 text, and 200 MB of data.
Then I created an account over at Mailbox.org to use only for Twitter
I may be a little extra cautious (paranoid) but I also burned a Ubuntu Linux ISO to a bootable USB and booted off of that. Once booted into Ubuntu, I connected to a VPN and logged into my Twitter account because I didn’t want any transactions logged to my home IP address and my computer possibly leaking personal info.
All changes will be made from root menu Settings and Support > Settings and Privacy
After confirming my password, I made the following changes:
Phone Number – Change to cheap SIM card number
Email – Change to mailbox.org email address
Protected Tweets – No
(I plan to delete all my old tweets and set a pinned tweet)
Gender – Not allowed to change because it assumed based on profile and activity (Seriously, WTF?)
Birth Date – Change to something which will approximate my age
Change Your Password
I changed my password to one never used before, not re-used, or similar to others.
Download an Archive of Your Data
Security and Account Access
Security : Two Factor Authentication
Disable text message and enable Authentication app then generate and save backup code.
I already use the Authy app for 2FA
Apps and Sessions : Connected Apps
I went through each connected app revoked app permissions
Apps and Sessions : Sessions
Logged out of all other sessions
Disconnected all accounts
Privacy and Safety
There’s a lot in here, but to keep it simple I will list ones I kept on.
Content You See > Topics – Clear everything under followed
Content You See > Interests – Uncheck Everything
Content You See > Explore Location – Set to your country
Content You See > Hide Sensitive Content, Remove Blocked and Muted Accounts
Mute and Block > Muted Notifications – All On
Discoverability and Contacts > Manage Contacts > Remove all Contacts
Data Sharing and Personalization > Location Information > Add Location Information to Your Tweets > Remove All Location Information Attached to your Tweets
I will list the ones I turned on. All others are off. Some settings carry over from Privacy and Safety so they do not need to be changed
Preferences > Email Notifications > Turn on Direct Messages
Now all the settings have been changed. I used a service to delete all my tweets, unfavorite, and undo retweets. I picked one which could scan my data archive since it would be the most reliable.
Last thing is to update the profile.
I changed my name to my Mastodon social handle, in the bio I put a note that the account has been abandoned and I could be found on Mastodon.¹ Location is the Mastodon handle again. Website I left. Then I changed the profile picture to the original new user egg avatar and¹ the banner to a black background.
Log Out and Done.
¹ Since Elon Musk declared links to Mastodon instances as malicious I have put the link as a QR code in my profile picture.