X Configuration Guide
Communication PlatformsOrganization Security
This checklist is adapted from Auditware's W3OSC standards.
Organization Account Settings
Security and Account Access
- Settings > Security and account access >
-
Security >
- Two-factor authentication >
- Text message > Disabled
- Backup codes > Save a code in a password manager (recommended)
- Password reset protect > Enabled
- Two-factor authentication >
-
Apps and sessions >
- Connected apps > Remove all unnecessary
- Sessions > Log out of all other sessions
- Connected accounts > Confirm and disconnect any unnecessary
-
Delegate >
- Allow others to invite you to their account > Disabled (if not necessary)
- Members you've delegated > Confirm delegate list, remove any unnecessary
-
Security >
- Your account > Account information > Phone > Delete number [1]
Typefully Integration
- Ensure that team members in Typefully have only the Write permission, with a minimum amount of Publishers and Admins.
Notes
[1] Email Security
It is recommended to ensure the email you use does not match your public name, is publicly known, or is easily guessable.
You can easily work around this by supplementing your email address with a "+" suffix - e.g. myemailusername+randomcharacters@gmail.com (works with Gmail and iCloud emails).
Related: For comprehensive Twitter/X security guidance, see Community Management - Twitter.