56 comments on “A One-step Way to Lose Your Account … Forever”

  1. There’s one way to lose your account even if you do those things. If a hacker changes all of this recovery information. Some services protect against this by using 2 step verification and not changing your password or alternate address or phone numbers until you’ve entered the code they send you.

    One mechanism I’ve thought of which I think would work would be for the web sites to have an “I believe my account was hacked, please send recovery information to a previous email address or phone number” link to be able to recover the account even if hackers have changed the recovery information.

    Facebook has a good mechanism for protection against account loss info by allowing you to designate friends who can vouch for you. I highly recommend people to enable that feature.

    There’s also one thing to watch out for in providing an alternate email account. If you plan to travel abroad, make sure your alternate email addresses don’t require 2 step verification if you try to access your account from abroad. I have an account with softhome.net as a last resort for that purpose. They are a little known provider and don’t implement 2 step authentication.

  2. Yes I know someone or others who are doing this for reason I don’t know I have tried to stop it but they are too over doing it where they even know when I go and have others watch my house, Its not family. If these people would have just stopped others wouldn’t have to take action..Thanks Janet

  3. People, enable these recovery options! I personally forgot the password to my microsoft email (it is on one of networks set up by Microsoft: hotmail, live, or outlook) which is linked to my microsoft account.

    Luckily, the info was updated and the alternative email was in place. They just needed to be used.

    I got my account back through the alternative email address recovery option since my phone’s battery was dead and was charging.

    Seriously: If you want your account back, put recovery information into it to access it. You never know when it will be useful.

  4. I have set up accounts at Google Gmail, Yahoo, Hotmail and AOL; each user name and password are written down in very careful letters not penmanship. With that printing in front of me all results are “Wrong user name or password”; If I do not know the password copied from in front of me then who knows more than I? My opinion is natural born (many generation) American citizens are classified as enemies. We USA citizens are a conquered nation. I stated such to Congress when homeland security was being debated before it was established. Do I half to become a foreigner to use e-mail?

    • I think this has more to do with mistyped passwords (yes, still), miswritten passwords, or even hacked accounts. Those are certainly the conclusions I would investigate before assuming there’s some government conspiracy. Nine times out of 10, when you KNOW you’re typing in the correct password and it still tells you you’re wrong, then a hacker has broken in and changed your password on you.

  5. Just an aside from one who has been duped, momentarily at least, with yet another
    free scan and report of 415 registry or other errors in my Windows 7 system. Most of
    these offers are misleading or duplicitous scams. Meanwhile MS says all systems are
    working fine. I liken this to a mechanic who finds your OK running car has some
    problems that he alone can fix. Anyway, enjoy your comments, insights and apparently
    straight shooting ideas and suggestions. JAS, Wisconsin

  6. My Chromebook OS does not support microsoft-outlook or hotmail addresses. Please delete this address: {removed}@hotmail.com
    If you can not delete this hotmail address please advise

  7. There’s a very minor topographical error in this article.

    The second bullet point about the conundrum includes the phrase “or as asked”. The word “as” should be “are”.

  8. I experienced all the pains that people expressed in the comment section following this article and related ones (I read them all). My most frustrated one was recently when I visited my relatives in the NW and I was living in SW at the time. As Leo suggested I had one Hotmail account and my alternate e-mail is Yahoo (vice versa). The fun started when Hotmail required the verification code that they sent to Yahoo account (alternate e-mail) and lo and behold, as I tried to access Yahoo to retrieve the code, Yahoo did the same by denying my access and sent a verification code to my Hotmail account. You can see this clearly is a closed loop and nothing I can do about it. Trying to access my Hotmail account by sending Hotmail proof that I am the owner of the account is a joke. Anyhow things went back to normal when I returned to the SW and I have tried to set up phone numbers for recovery option as I will be travelling overseas very soon. Two things I did were; (1) signed up for Google voice which I was provided a VoIP number and have registered that with Hotmail and it was accepted but not Yahoo (Yahoo responded that they currently don’t accept VoIP number), and (2) updated my T-Mobile cell account (Clarification: I neither own T-Mobile stocks nor work for T-Mobile) with text option (I was told I could receive text for free in countries that T-Mobile has services or affiliated with the local phone services). This SMS feature from T-Mobile will be live saving for me as I travel to Asia next week. I haven’t experienced SMS feature w/ T-Mobile in Asia yet but I have read glowing reports from business folks who had used it (you could Google it). As I said I am trying to avoid the pains accessing my e-mails as I travel and try to prepare the best I can but will see… Good luck!

  9. My hubby can’t get into to his emails because he as a new phone number and we he trying to get in it saying we send u a code but causehis as a new phone he can’t get the code wot can he do

  10. Regarding your, “we need to talk about XP”, video.
    I am using my XP comp. as a video editing machine only
    No email or going on line at all
    Would I be correct in thinking that I could go on for years until the next video editing disc update is too much for the XP box or I suffer internal failure.
    Seems to me the answer is yes I can until the pigeons come home to roost
    Rudi

    • As long as you’re never transferring data to and from that machine, and it never goes on line, sure. My guess is you ARE transferring data to and from that machine, so you’ll need to take extra steps to stay safe, since that transfer can unknowingly include malware if you’re not careful.

    • I remember that were so many viruses which propagated from diskette to computer before the internet was widely used. I remember dialing up to McAffee to get virus definitions for my DOS machines in the 80s and pre-internet days. Believe me there were plenty of non-internet transmitted viruses. Anything which can transfer files to your computer can transfer viruses. After all a virus is just a file. From my experience, I got more viruses pre-internet than after. I believe that’s due to better real time virus detection which is not available in non-updated systems.

  11. Generally good information, but I think some dis-information about providers requiring mobile phone numbers as a “back up”.
    First, all mobile carriers are participants in the data mining industry, either passively or actively. They will sell (or trade) lists of their active numbers with data brokers (ie Acxiom). Additionally we all know that cell providers actively track your location using various methods (tower triangulation)… they sell this data too, though they will say it has been anonymized. Sure it has, until the data broker compiles it with other data, and bingo… a profile is built that they then sell … to anyone… including the intelligence agencies and foreign corporations. This is only one small part of the data that is compiled on every one of us.

    So if you don’t care about your privacy, then make it easier for Yahoo or Google or Facebook to cross reference you to everything.
    Give them your mobile number, first middle and last name, date of birth, and shoe size (forget that, they have your zappos “My Favorites” already)

    • I’m not really concerned by what amounts to a conspiracy theory. To the extent your information might be used, they don’t care about you as an individual, they just collect massive amounts of data to track and use trends over large populations.

      For most people, in my opinion, the benefits of the added account security and recoverability far outweigh any perceived privacy risk.

  12. One thing you don’t mention, but which “should be” obvious…

    When you set up those alternate email accounts to act as a recovery address for your mail account, don’t forget to set up recovery methods for them as well.

    And don’t use the same email provider for the recovery address. (ie: don’t use a gmail address as a recovery method for your gmail account.)

  13. All good points, my problem is I’m drowning in passwords. Unfortunately Windows updates play havoc with MY StuFF. The other day Mail was GONE. No icon, nothing. Gritted my teeth and held my tongue just the right way and got it back more by luck than good management. I said some very bad words!

    • You’d have to supply more information for anybody to be able to help you. Which email program or we mail site are you using? Who is your email service provider? Phone, computer or tablet? Are you able to log in to your account on their web site?

  14. I’ve had the same email account for a couple of years. But lately. Microsft has changed the way I need to check my emails. As such, I cannot access any emails from my Outlook Account. Please help? Thank you

  15. This is an excellent advice. It works well if you trust that a big corporation like Google will never be tempted use your identity data to connect your various interests (hence, multiple accounts) with your real identity (true name, telephone number, cc card number for Google store, your geolocation, names of wifi wans your machine or phone detect, etc). Oh wait, they are in the business of advertising and selling your information, aren’t they? Never mind.

    • It’s excellent advice if you want to recover your hacked account. If you don’t trust the service … then don’t use the service.

  16. I suppose this is just a comment; with no solution. You mention about giving your phone number when trying to retrieve an online account. Most of them assume that you have a smart phone that can access text messages. I don’t, so I’m lucky my bank will call my land line with a code number.

  17. i cannot provide search at tp as account is disabled. my phone and devices are hacked. it does no good to change anthing because the ha offcker has it redone before i can get off thhe page. i have let this almost destroy my life. my bank account information and a pament plan with other users? are listed and i did not do it i have all the info to help someone discover this person i pray its not who i think it is. i want my pics. call me on m husbands phone {phone number removed – do not post personal info}

  18. Recently I’ve noticed two issues on the Gmail Help Forum.

    1) Users who have BOTH phone and alternative email address configured as backup options, but the system defaults to using phone only. No way to force it to send recovery to the email address when the phone is lost or inaccessible.
    2) Users who have a new phone number and attempt to update it on the security page, but the system insists on verification via a code to the previously listed phone number which is now no longer available.

    Is Gmail being unnecessarily over secure? What can be done when this impossible scenario presents itself?

  19. Hackers can bypass 2SV – your mobile phone provider is the “weakest” link. A hacker can get phone carriers changed.

    The chances of losing access to accounts these days have grown considerably, as for email accounts well these are quite easy to gain access to for a hacker. The information people use to regain access like email addresses etc is just more information the hacker can use, so this makes 2SV quite useless in many cases.

    As for Facebook, well as a security advisor I would not entertain even having an account with them.

  20. Hey Leo,

    I am in need of adding a new email account with Google and would like to import all my older email over to new acct.
    Is this safe or something to avoid?
    Or would it be safer to just forward each one over to new acct?
    I know gmail has an import feature within the cloud but not sure how safe that it either.
    What do you recommend?

    Thanks!

    • Honestly, it depends on your specific needs. I wouldn’t bother. I’d set up thunderbird to download all email from the old account, and then simply start a new one with no import.

      • Ok but what if i don’t use Thunderbird or Firefox. Is that the only way to save or transfer them over?
        I went to the website you posted about an email check to see if its ever been breached, results not good.
        So merely i”m wanting to just save important emails or transfer ones I honestly need. Is their google to google
        gmail transfer that works but would keep my new acct address from being compromised?

        • You could configure the new account to pick up email from the old using POP3 or IMAP, but if you’re going through that trouble why not ALSO use a PC and get your email backed up at the same time?

          These breaches are out of your control. Switching email addresses will NOT prevent additional breaches on old or new account. In fact, I don’t recommend switching email addresses or accounts when this happens — there’s no point. Follow best security practices, including long/strong password and two-factor authentication when available. That’s the best you can do, on the existing account or the new one.

Leave a reply: