Forgot your Twitter password? If so, be careful how you reset it. On Feb 4, 2025, researchers from SentinelLABS warned that all 650 million X (formerly Twitter) users were in the crosshairs of an insidious phishing campaign. The researchers discovered that attackers were targeting high-profile X users with fake alerts about suspicious activity on their accounts.
When the unsuspecting users clicked on those links to reset their passwords, they were summarily locked out of their accounts. The attackers then used those accounts to send out phishing links advertising fraudulent crypto opportunities to ensnare yet more victims.
So, if you’re thinking of changing your password on Twitter, your best bet is to initiate it through the official website or app. We show you how below.
Steps to Reset Your Twitter or X Account Password
You can complete the reset process two ways:
- Using the password reset page
- Using the X/Twitter login page
To protect the integrity of the password reset process, be sure to check the “Password Reset Protect” box. Doing this ensures Twitter will require confirmation of your phone and email address before a password reset can commence.
You’ll find this feature by navigating to Settings > Security and Account Access > Security.
Using a Phone Number for Recovery and 2FA (Two-Factor Authentication)
Adding a mobile phone number to your Twitter account allows for faster account recovery, should you lose access.
Adding your phone number on your web browser:
- Click the “More” icon and select “Settings and privacy” from the drop-down menu.
- Click on the “Your account” tab and choose “Account information.”
- Select Phone from the drop-down menu.
- Click “Add phone number” and verify your password. Tap “Continue.”
- You’ll get a code (via SMS text message) to your phone number. Enter it in the Verification code box and click “Activate phone.”
Adding your phone via mobile app on Apple iOS and Android devices:
- Navigate to account settings or “Settings & Privacy.”
- Under “Your Account,” select “Account Information.”
- Under “Phone,” select “Add.”
- You’ll be prompted to confirm your password before proceeding.
- After adding your number, you’ll receive a verification code via text.
- Enter this code into the Twitter app and tap “Verify.”
Your phone can also serve as a 2FA method, where you’ll receive an SMS text message with an authentication code to enter when you log in.
While SMS-based MFA remains popular, it’s also vulnerable to SIM swapping and phishing attacks.
Twitter currently supports two stronger 2FA methods:
- Security key (like YubiKey) that inserts into your computer or syncs to your mobile device
- Mobile authentication app (like Google Authenticator, LastPass Authenticator, Duo Mobile, Authy, etc.)
To add another layer of security to your Twitter account, read up on how to set up 2FA on Twitter here.
Recovering Your Twitter Account Without Email or Phone Number
Many people have asked, “Is it possible to recover your Twitter account without your email or phone number?”
The short answer is no.
If your phone number isn’t verified and you’ve lost access to your account’s email address, your best bet is to wait for account deactivation.
This means you do nothing for 30 days, at which time your account will be deactivated due to inactivity. This frees up your username, which allows you to sign up again for a new account.
If, however, you suspect your account has been hacked or compromised, your best bet is to contact Twitter Support. You can do this by navigating to the X Help Center and filling out this form:
Use LastPass to Avoid Forgotten Passwords
Let’s face it: resetting forgotten passwords is a chore. That’s why 62% of us use the same password for many or all our accounts.
With LastPass, you’ll never have to create or juggle passwords again:
- Our password generator makes it easy for you to generate strong passwords quickly – so you can get back to living life.
- You get a personalized vault protected by military-grade encryption to securely store all your login credentials and sensitive data.
- Dark Web Monitoring ensures your data is monitored 24/7, and you get alerts if any of your credentials are found on the Dark Web.
The above isn’t an exhaustive list of what LastPass can do for you. Don’t wait to sign up today: LastPass Premium is free for 30 days (no credit cards, no commitments).