Twitter users can now encrypt their direct messages, providing an extra layer of security. The new feature comes with some conditions, however. This feature, recently announced by Twitter, uses strong cryptography to encrypt direct messages, links, and comments before the platform sends them from the user’s device.
The encryption remains in effect while Twitter stores the message, and it decrypts itself when it reaches the recipient. To apply the encryption, Twitter generates private and public key pairs specific to each device. The public key is established when logging into a new device or browser, while the private key remains on the user’s devices and is not shared with Twitter. The conversation key, which is used to encrypt the content of direct messages, is securely exchanged between the participating devices using the private key pairs.
The reservations
The sender and recipient must be using the latest versions of Twitter’s web, iOS, or Android apps. They must also be authenticated users or associated with a verified organization. Additionally, a Twitter Blue account or verified organization subscription is required.
The encryption is limited to text and links only, excluding media or other attachments. Twitter doesn’t yet support encryption for group chats, though it plans to work on that in the future. Specific metadata, such as information about the recipient and the time of creation, are not yet encrypted.
New devices that log into Twitter cannot join existing encrypted DM conversations, and a maximum of 10 devices per user can participate in encrypted DMs. Man-in-the-middle attacks are not protected, although Twitter is actively addressing this vulnerability.
Enable encryption
To enable encryption, users need the latest version of the Twitter app. They can tap the Info icon to start an encrypted message in an existing chat. Users can activate the encrypted mode switch and compose messages for new chats.
Twitter wants to distinguish encrypted DMs by displaying a lock icon on the recipient’s avatar badge. The info icon confirms that Twitter has encrypted the messages.
Twitter’s encryption, while coming later than other platforms such as Signal or WhatsApp, allows users to secure their confidential or private direct messages, improving overall privacy and data protection.
