Mission impossible: Can you regain access after Twitter lockout?

If you rely on Twitter for business or recreation, it’s time to worry. Although the days of frequent service outages have passed, users have a new cause for concern – getting locked out without explanation by Twitter itself.

Unfortunately, when this happens, you have no recourse, and there is no one to call. It’s bad news.

One of the top technology industry analysts in the world, Ray Wang, whom I have known personally for many years, is a victim of this situation. Wang is no newcomer to Twitter: his account has been active since 2008 and has 119,000 followers. He is also a blue-checked user, meaning Twitter has verified his identity as authentic.

Given his credentials, if this can happen to Ray, then you are also at risk.

The facts: Last Friday, Sept 28, the Ray Wang’s twitter account issued an odd tweet, with a link leading to a Bitcoin scam page supposedly run by Elon Musk. The account username was changed to “Elon.” I saw the tweet and it was obvious Ray’s account had been hacked.

The same day, Twitter locked the account, changed the name back to the pre-hacked state, and sent a form letter to Wang requesting verification to restore access. Ray responded quickly, but Twitter sent this note while continuing to deny access:

​Twitter response to request for user verification

Twitter response to request for user verification

Despite numerous emails, Twitter support eventually closed the ticket related to this issue:

 

​Twitter closes the case and user remains locked out

Twitter closes the case and user remains locked out

At this writing, after several days, Wang still cannot access his Twitter account.

What it means and what you should do

This problem happened because Wang no longer has access to the original email he used to sign up for Twitter in 2008. Twitter has not created processes to handle this kind of situation, so account access remains denied with no way to recover.

As we all know, Twitter has become a utility on which we rely. As a public company, we expect Twitter to deliver on their brand promise of ubiquitous communications and user-centric policies. They are no longer a tiny startup where this kind of fail is excusable.

The extent to which Twitter’s policies are incomplete and ill-formed is simply extraordinary. Of course, I understand that Twitter needs to ensure security and does not mistakenly verify an impostor, however, Wang made repeated offers to provide iron-clad methods to prove his identity.

I sent the following email to Twitter seeking a comment:

 

​Request for comment to Twitter

Request for comment to Twitter

Unsurprisingly, the company did not respond to my request for comment.

Take these steps immediately, to ensure you are not a victim of Twitter’s policies:

  • Use a strong password and change it regularly
  • Enable two-factor authentication with a current phone number
  • Remove access from other applications
  • Keep your email address up-to-date. However, if your email no longer works, then you may already be out of luck.

Beyond those steps, frankly, there is not much you can do. Hard to believe, isn’t it?

Update: Ray’s access is finally restored:

Thumbnail image from Pixabay

(Cross-posted @ ZDNet | Beyond IT Failure)

LinkedIn Twitter
Well-known expert on why IT projects fail, CEO of Asuret, a Brookline, MA consultancy that uses specialized tools to measure and detect potential vulnerabilities in projects, programs, and initiatives. Also a popular and prolific blogger, writing the IT Project Failures blog for ZDNet.