To prevent fake copies of Twitter from stealing your password, make sure the URL of the page you are at begins with https://twitter.com/
To be absolutely sure, go the web address (URL) bar in your browser and hand type in twitter.com and press enter to make sure you are at the right site.
If you have intentionally logged out, the page should like the first image below, and the URL should be something like https://twitter.com/?lang=en&logged_out=1#!/download
If you are logging in from a computer you don’t usually log in from, https://twitter.com or http://twitter.com or should be how the URL starts, and it should look like one of the variations below (though Twitter may add new pictures over time):
If you see pages that look different than these, don’t login to them! You may have been directed to a page that isn’t really Twitter, but a copy designed to fool you and steal your password.
(Of course, if someone is watching you login over your shoulder, or you’ve given your login to someone, or you use the same password at different websites, your password can still be misused.)