X Configuration Guide
Communication PlatformsIndividual Security
This checklist is adapted from Auditware's W3OSC standards.
Individual Account Settings
- Account Settings:
- Settings >
- Security and account access >
- Security >
- Two-factor authentication >
- Text message > Disabled
- Backup codes > Save a code in a password manager (recommended)
- Password reset protect > Enabled
- Two-factor authentication >
- Apps and sessions >
- Connected apps > Remove all unnecessary
- Sessions > Log out of all other sessions
- Connected accounts > Confirm and disconnect any unnecessary
- Delegate >
- Allow others to invite you to their account > Disabled (if not necessary)
- Members you've delegated > Confirm delegate list, remove any unnecessary
- Security >
- Your account > Account information > Phone > Delete number [1]
- Security and account access >
- Settings >
Notes
[1] Email Security
It is recommended to ensure the email you use does not match your public name, is publicly known, or is easily guessable.
You can easily work around this by supplementing your email address with a "+" suffix - e.g. myemailusername+randomcharacters@gmail.com (works with Gmail and iCloud emails).
Related: For comprehensive Twitter/X security guidance, see Community Management - Twitter.