How to Change Your Privacy Settings on Twitter (X)
Twitter — now rebranded as X — gives users a meaningful amount of control over who sees their content, how they're discovered, and what data gets shared. But those settings are scattered across several menus, and the interface has shifted enough times that many users aren't sure where everything lives. Here's a clear walkthrough of what's available and how to navigate it.
Where Privacy Settings Actually Live
On both desktop and mobile, privacy controls are found under Settings and Support → Settings and privacy → Privacy and safety. This single section contains most of what you'll need, but a few relevant controls — like connected apps and data permissions — sit in adjacent menus under Security and account access.
It's worth knowing that the mobile app (iOS or Android) and the desktop web interface show largely the same options, though the layout differs slightly. If you're not finding something on one platform, try the other.
The Core Privacy Controls and What They Do
🔒 Protecting Your Posts (Private Account)
The most significant privacy toggle is "Protect your posts" (formerly "Protect your tweets"). When enabled:
- Your posts are only visible to approved followers
- New follow requests require your manual approval
- Your posts cannot be retweeted by others
- Your content won't appear in public search results or on the open web
This is the fundamental divide between a public account and a private one. For most users who want real privacy, this is the setting that matters most.
Audience and Tagging Controls
Under Privacy and safety, you'll also find:
- Photo tagging — Choose whether anyone can tag you, only people you follow, or no one
- Location information — Option to add location to posts (off by default; can be permanently cleared)
- Stories and Spaces — Controls for who can see certain content types
Discoverability Settings
These settings affect whether people can find your account without already knowing your handle:
- Let people who have your email address find you
- Let people who have your phone number find you
Both can be toggled off independently. If you've added a phone number for two-factor authentication, disabling discoverability via phone number doesn't remove 2FA — it just prevents contact-based discovery.
Direct Messages 🔐
The Direct Messages section under Privacy and safety lets you control:
- Whether people you don't follow can send you DMs
- Whether you receive message requests from everyone, or only accounts you interact with
This matters more than many users realize. Leaving DMs open to everyone can result in a significant amount of unsolicited messages, particularly on public accounts.
Data Sharing and Personalization
Under Privacy and safety → Data sharing and off-X activity, you'll find controls over:
- Personalized ads — Whether X uses your data to target advertising
- Off-platform data — Whether activity from third-party websites and apps (via embedded X buttons or pixels) informs your ad profile
- Interest-based personalization — X infers interests from your activity; you can review and adjust these
These settings don't affect your visibility to other users — they affect how X uses your behavioral data internally. Turning them off limits data collection but doesn't change what others can see.
Muting and Blocking Controls
Under Privacy and safety, the Mute and block section covers:
- Muted words — Any keyword, phrase, or hashtag that will be filtered from your notifications and timeline
- Muted accounts and Blocked accounts — Manage lists of accounts you've silenced or blocked
- Notifications filters — Limit notification noise from accounts that are new, unverified, or don't follow you
These tools are more about managing your own experience than controlling your public footprint, but they're part of the broader privacy picture.
Variables That Affect Which Settings Matter to You
Not every setting carries the same weight depending on how you use the platform:
| User Profile | Most Relevant Settings |
|---|---|
| Public figure / creator | DM controls, notification filters, tagging |
| Private personal account | Protect posts, discoverability, photo tagging |
| Business / brand account | Data sharing, discoverability, DMs |
| Casual lurker | Personalization controls, data sharing |
| Security-conscious user | Discoverability, connected apps, 2FA |
Connected third-party apps are worth a separate check — under Security and account access → Apps and sessions, you can see every app that has been granted access to your account and revoke any you no longer use or recognize. Old app authorizations are a commonly overlooked exposure point.
A Few Platform-Specific Notes
- X Premium subscribers have additional features that can affect visibility (like reduced algorithmic suppression), which interacts with privacy settings in ways non-subscribers don't encounter
- Verified status (whether legacy or paid) can affect how your account is surfaced in recommendations
- Settings sync across devices, so a change made on mobile applies to desktop immediately
The Piece That Varies by Person
The technical steps for changing these settings are consistent — the menus are the same for everyone. What differs is which combination of settings is appropriate for a given situation.
A journalist using X as a public platform has fundamentally different needs than someone who joined primarily to follow accounts privately. Someone concerned about data harvesting will prioritize the personalization toggles; someone worried about harassment will focus on DMs and notification filters; someone managing a brand account will think about discoverability entirely differently.
The settings themselves are straightforward to change. The judgment about which ones to change — and how far to take them — depends entirely on what you're trying to protect, and from what.