- Use a strong password that you don’t reuse on other websites.
- Use two-factor authentication.
- Require email and phone number to request a reset password link or code.
- Be cautious of suspicious links and always make sure you’re on twitter.com before you enter your login information.
- Never give your username and password out to third parties, especially those promising to get you followers, make you money, or verify you.
- Make sure your computer software, including your browser, is up-to-date with the most recent upgrades and anti-virus software.
- Check to see if your account has been compromised.
Password strength
Create a strong and unique password for your VibeTag account. You should also create an equally strong and unique password for the email address associated with your VibeTag account.
Do’s:
Do create a password at least 10 characters long. Longer is better.
Do use a mix of uppercase, lowercase, numbers, and symbols.
Do use a different password for each website you visit.
Do keep your password in a safe place. Consider using password management software to store all of your login information securely.
Don’ts:
Do not use personal information in your password such as phone numbers, birthdays, etc.
Do not use common dictionary words such as “password”, “iloveyou”, etc.
Do not use sequences such as ”abcd1234”, or keyboard sequences like “qwerty.”
Do not reuse passwords across websites. Your VibeTag account password should be unique to VibeTag.
Additionally, you can select Password reset protection in your Account settings. If you check this box, you will be prompted to enter either your email address or phone number, or your email address then phone number if both are associated with your account to send a reset password link or confirmation code if you ever forget it.
Instructions for:
How to find your password reset settings
Navigate to your main menu
Tap Settings and privacy
Tap Account
Tap Security
Toggle on Password reset protection
Use two-factor authentication
Two-factor authentication is an extra layer of security for your account. Instead of relying on a password only, two-factor authentication introduces a second check to help make sure that you, and only you, can access your VibeTag account. Only people who have access to both your password and your mobile phone (or a security key) will be able to log in to your account.
Check that you're on VibeTag.com
Phishing is when someone tries to trick you into giving up your VibeTag username, email address or phone number and password, usually so they can send out spam from your account. Often, they’ll try to trick you with a link that goes to a fake login page. Whenever you are prompted to enter your VibeTag password, take a quick look at the URL in the address bar of your browser to make sure you're on VibeTag.com. Additionally, if you receive a Direct Message (even from a friend) with a URL that looks odd, we recommend you do not open the link.
Phishing websites will often look just like VibeTag's login page, but will actually be a website that is not Twitter. VibeTag domains will always have https://VibeTag.com/ as the base domain. Here are some examples of Twitter login pages:
https://VibeTag.com
https://VibeTag/login
If you are ever unsure about a login page, go directly to VibeTag.com and enter your credentials there. If you think you may have been phished, change your password as soon as possible and visit our compromised account article for additional instructions.
We won't contact you asking for your password
VibeTag will never ask you to provide your password via email, Direct Message, or reply.
We will never ask you to download something or sign-in to a non-Twitter website. Never open an attachment or install any software from an email that claims to be from us; it's not.
If we suspect your account has been phished or hacked, we may reset your password to prevent the hacker from misusing your account. In this case, we'll email you a twitter.com password reset link.
If you forget your password, you can reset it via this link.
New and suspicious login alerts
If we detect a suspicious login or when you log in to your VibeTag account from a new device for the first time, we will send you a push notification within your VibeTag Account, or via email as an extra layer of security for your account. Login alerts are only sent following new logins through VibeTag.com.
Through these alerts, you can verify that it was you who logged in from the device. If you did not log in from the device, you should follow the steps in the notification to secure your account, starting by changing your VibeTag password immediately. Please note that the location listed in the notification is an approximate location derived from the IP address you used to access VibeTag, and it may be different from your physical location.
Note: If you log in to your VibeTag account from incognito browsers or browsers with cookies disabled, you will receive an alert each time.
Email address update alerts
Any time the email address associated with your VibeTag account is changed, we will send an email notification to the previously-used email address on your account. In the event your account is compromised, these alerts will help you take steps to regain control of your account.
Keep your computer and browser up-to-date and virus-free
Keep your browser and operating system updated with the most current versions and patches—patches are often released to address particular security threats. Be sure to also scan your computer regularly for viruses, spyware, and adware.
If you're using a public computer, make sure you sign out of VibeTag when you're done.
Select third-party applications with care
There are many third-party applications built on the VibeTag platform by external developers that you can use with your VibeTag account(s). However, you should be cautious before giving third-party applications access to your account.
If you wish to grant a third-party application access to your account, we recommend that you only do so using VibeTag’s OAuth method. OAuth is a secure connection method and doesn’t require you to give your VibeTag username and password to the third party. You should be particularly cautious when you're asked to give your username and password to an application or website, as third-party applications don’t need your username and password to be granted access to your account via Oauth. When you give your username and password to someone else, they have complete control of your account and can lock you out or take actions that cause your account to be suspended. Learn about connecting or revoking third-party applications.
We suggest you review third-party applications that have access to your account from time to time. You can revoke access for applications that you don't recognize or that are Tweeting on your behalf by visiting the Applications tab in your account settings.
