Technology in terms you understand. Sign up for my weekly newsletter, "Confident Computing", for more solutions you can use to make your life easier. Click here.

70 comments on “A One-step Way to Lose Your Account … Forever”

  1. There’s one way to lose your account even if you do those things. If a hacker changes all of this recovery information. Some services protect against this by using 2 step verification and not changing your password or alternate address or phone numbers until you’ve entered the code they send you.

    One mechanism I’ve thought of which I think would work would be for the web sites to have an “I believe my account was hacked, please send recovery information to a previous email address or phone number” link to be able to recover the account even if hackers have changed the recovery information.

    Facebook has a good mechanism for protection against account loss info by allowing you to designate friends who can vouch for you. I highly recommend people to enable that feature.

    There’s also one thing to watch out for in providing an alternate email account. If you plan to travel abroad, make sure your alternate email addresses don’t require 2 step verification if you try to access your account from abroad. I have an account with softhome.net as a last resort for that purpose. They are a little known provider and don’t implement 2 step authentication.

      • Someone changed my email on POF, Plenty of Fish dating site and sent out many messages and changed my profile. I received an email from POF stating my email was changed and to notify them if it was not authorized. I sent 3 replies telling them I did not change my email and to please close my account. They have not replied. Now some hacker has access tonmy main email address, password ( for that site) and my personal information. I feel so violated and worry that this hacker can steal all my other personal information from other sites that uses my email address. What can be done to get POF to respond and help? How can my personal information be protected? I am freaking out about this? How could this happen? Doesn’t POF have any security measures on their site?
        Has anyone else faced this nightmare and what can be done? How can I secure my email and be sure my account wasn’t hacked? I am sending this question from my alternate email address, not the one I believe has been compromised. How will I know for sure if someone is using my email address? Please help me!

        • I can’t suggest anything other than to follow the channels POF has for account recovery. If you used the same password for POF and any other accounts, you need to change the password and check the recovery information on all of those accounts as the hackers can try that password out on other accounts.In fact, I’d consider changing the passwords to all my accounts.
          See the following article for how to secure your accounts. The article is about securing email accounts but steps 1,2,5, & 6 apply to all hacked or potentially hacked accounts.
          https://askleo.com/email_hacked_7_things_you_need_to_do_now/

  2. Yes I know someone or others who are doing this for reason I don’t know I have tried to stop it but they are too over doing it where they even know when I go and have others watch my house, Its not family. If these people would have just stopped others wouldn’t have to take action..Thanks Janet

  3. People, enable these recovery options! I personally forgot the password to my microsoft email (it is on one of networks set up by Microsoft: hotmail, live, or outlook) which is linked to my microsoft account.

    Luckily, the info was updated and the alternative email was in place. They just needed to be used.

    I got my account back through the alternative email address recovery option since my phone’s battery was dead and was charging.

    Seriously: If you want your account back, put recovery information into it to access it. You never know when it will be useful.

  4. I have set up accounts at Google Gmail, Yahoo, Hotmail and AOL; each user name and password are written down in very careful letters not penmanship. With that printing in front of me all results are “Wrong user name or password”; If I do not know the password copied from in front of me then who knows more than I? My opinion is natural born (many generation) American citizens are classified as enemies. We USA citizens are a conquered nation. I stated such to Congress when homeland security was being debated before it was established. Do I half to become a foreigner to use e-mail?

    • I think this has more to do with mistyped passwords (yes, still), miswritten passwords, or even hacked accounts. Those are certainly the conclusions I would investigate before assuming there’s some government conspiracy. Nine times out of 10, when you KNOW you’re typing in the correct password and it still tells you you’re wrong, then a hacker has broken in and changed your password on you.

  5. Just an aside from one who has been duped, momentarily at least, with yet another
    free scan and report of 415 registry or other errors in my Windows 7 system. Most of
    these offers are misleading or duplicitous scams. Meanwhile MS says all systems are
    working fine. I liken this to a mechanic who finds your OK running car has some
    problems that he alone can fix. Anyway, enjoy your comments, insights and apparently
    straight shooting ideas and suggestions. JAS, Wisconsin

  6. My Chromebook OS does not support microsoft-outlook or hotmail addresses. Please delete this address: {removed}@hotmail.com
    If you can not delete this hotmail address please advise

  7. There’s a very minor topographical error in this article.

    The second bullet point about the conundrum includes the phrase “or as asked”. The word “as” should be “are”.

  8. I experienced all the pains that people expressed in the comment section following this article and related ones (I read them all). My most frustrated one was recently when I visited my relatives in the NW and I was living in SW at the time. As Leo suggested I had one Hotmail account and my alternate e-mail is Yahoo (vice versa). The fun started when Hotmail required the verification code that they sent to Yahoo account (alternate e-mail) and lo and behold, as I tried to access Yahoo to retrieve the code, Yahoo did the same by denying my access and sent a verification code to my Hotmail account. You can see this clearly is a closed loop and nothing I can do about it. Trying to access my Hotmail account by sending Hotmail proof that I am the owner of the account is a joke. Anyhow things went back to normal when I returned to the SW and I have tried to set up phone numbers for recovery option as I will be travelling overseas very soon. Two things I did were; (1) signed up for Google voice which I was provided a VoIP number and have registered that with Hotmail and it was accepted but not Yahoo (Yahoo responded that they currently don’t accept VoIP number), and (2) updated my T-Mobile cell account (Clarification: I neither own T-Mobile stocks nor work for T-Mobile) with text option (I was told I could receive text for free in countries that T-Mobile has services or affiliated with the local phone services). This SMS feature from T-Mobile will be live saving for me as I travel to Asia next week. I haven’t experienced SMS feature w/ T-Mobile in Asia yet but I have read glowing reports from business folks who had used it (you could Google it). As I said I am trying to avoid the pains accessing my e-mails as I travel and try to prepare the best I can but will see… Good luck!

  9. My hubby can’t get into to his emails because he as a new phone number and we he trying to get in it saying we send u a code but causehis as a new phone he can’t get the code wot can he do

  10. Regarding your, “we need to talk about XP”, video.
    I am using my XP comp. as a video editing machine only
    No email or going on line at all
    Would I be correct in thinking that I could go on for years until the next video editing disc update is too much for the XP box or I suffer internal failure.
    Seems to me the answer is yes I can until the pigeons come home to roost
    Rudi

    • As long as you’re never transferring data to and from that machine, and it never goes on line, sure. My guess is you ARE transferring data to and from that machine, so you’ll need to take extra steps to stay safe, since that transfer can unknowingly include malware if you’re not careful.

    • I remember that were so many viruses which propagated from diskette to computer before the internet was widely used. I remember dialing up to McAffee to get virus definitions for my DOS machines in the 80s and pre-internet days. Believe me there were plenty of non-internet transmitted viruses. Anything which can transfer files to your computer can transfer viruses. After all a virus is just a file. From my experience, I got more viruses pre-internet than after. I believe that’s due to better real time virus detection which is not available in non-updated systems.

  11. Generally good information, but I think some dis-information about providers requiring mobile phone numbers as a “back up”.
    First, all mobile carriers are participants in the data mining industry, either passively or actively. They will sell (or trade) lists of their active numbers with data brokers (ie Acxiom). Additionally we all know that cell providers actively track your location using various methods (tower triangulation)… they sell this data too, though they will say it has been anonymized. Sure it has, until the data broker compiles it with other data, and bingo… a profile is built that they then sell … to anyone… including the intelligence agencies and foreign corporations. This is only one small part of the data that is compiled on every one of us.

    So if you don’t care about your privacy, then make it easier for Yahoo or Google or Facebook to cross reference you to everything.
    Give them your mobile number, first middle and last name, date of birth, and shoe size (forget that, they have your zappos “My Favorites” already)

    • I’m not really concerned by what amounts to a conspiracy theory. To the extent your information might be used, they don’t care about you as an individual, they just collect massive amounts of data to track and use trends over large populations.

      For most people, in my opinion, the benefits of the added account security and recoverability far outweigh any perceived privacy risk.

  12. One thing you don’t mention, but which “should be” obvious…

    When you set up those alternate email accounts to act as a recovery address for your mail account, don’t forget to set up recovery methods for them as well.

    And don’t use the same email provider for the recovery address. (ie: don’t use a gmail address as a recovery method for your gmail account.)

  13. All good points, my problem is I’m drowning in passwords. Unfortunately Windows updates play havoc with MY StuFF. The other day Mail was GONE. No icon, nothing. Gritted my teeth and held my tongue just the right way and got it back more by luck than good management. I said some very bad words!

    • You’d have to supply more information for anybody to be able to help you. Which email program or we mail site are you using? Who is your email service provider? Phone, computer or tablet? Are you able to log in to your account on their web site?

  14. I’ve had the same email account for a couple of years. But lately. Microsft has changed the way I need to check my emails. As such, I cannot access any emails from my Outlook Account. Please help? Thank you

  15. This is an excellent advice. It works well if you trust that a big corporation like Google will never be tempted use your identity data to connect your various interests (hence, multiple accounts) with your real identity (true name, telephone number, cc card number for Google store, your geolocation, names of wifi wans your machine or phone detect, etc). Oh wait, they are in the business of advertising and selling your information, aren’t they? Never mind.

    • It’s excellent advice if you want to recover your hacked account. If you don’t trust the service … then don’t use the service.

  16. I suppose this is just a comment; with no solution. You mention about giving your phone number when trying to retrieve an online account. Most of them assume that you have a smart phone that can access text messages. I don’t, so I’m lucky my bank will call my land line with a code number.

  17. i cannot provide search at tp as account is disabled. my phone and devices are hacked. it does no good to change anthing because the ha offcker has it redone before i can get off thhe page. i have let this almost destroy my life. my bank account information and a pament plan with other users? are listed and i did not do it i have all the info to help someone discover this person i pray its not who i think it is. i want my pics. call me on m husbands phone {phone number removed – do not post personal info}

  18. Recently I’ve noticed two issues on the Gmail Help Forum.

    1) Users who have BOTH phone and alternative email address configured as backup options, but the system defaults to using phone only. No way to force it to send recovery to the email address when the phone is lost or inaccessible.
    2) Users who have a new phone number and attempt to update it on the security page, but the system insists on verification via a code to the previously listed phone number which is now no longer available.

    Is Gmail being unnecessarily over secure? What can be done when this impossible scenario presents itself?

  19. Hackers can bypass 2SV – your mobile phone provider is the “weakest” link. A hacker can get phone carriers changed.

    The chances of losing access to accounts these days have grown considerably, as for email accounts well these are quite easy to gain access to for a hacker. The information people use to regain access like email addresses etc is just more information the hacker can use, so this makes 2SV quite useless in many cases.

    As for Facebook, well as a security advisor I would not entertain even having an account with them.

  20. Hey Leo,

    I am in need of adding a new email account with Google and would like to import all my older email over to new acct.
    Is this safe or something to avoid?
    Or would it be safer to just forward each one over to new acct?
    I know gmail has an import feature within the cloud but not sure how safe that it either.
    What do you recommend?

    Thanks!

    • Honestly, it depends on your specific needs. I wouldn’t bother. I’d set up thunderbird to download all email from the old account, and then simply start a new one with no import.

      • Ok but what if i don’t use Thunderbird or Firefox. Is that the only way to save or transfer them over?
        I went to the website you posted about an email check to see if its ever been breached, results not good.
        So merely i”m wanting to just save important emails or transfer ones I honestly need. Is their google to google
        gmail transfer that works but would keep my new acct address from being compromised?

        • You could configure the new account to pick up email from the old using POP3 or IMAP, but if you’re going through that trouble why not ALSO use a PC and get your email backed up at the same time?

          These breaches are out of your control. Switching email addresses will NOT prevent additional breaches on old or new account. In fact, I don’t recommend switching email addresses or accounts when this happens — there’s no point. Follow best security practices, including long/strong password and two-factor authentication when available. That’s the best you can do, on the existing account or the new one.

    • As outlined in the article you just commented on if you don’t have recovery information and you don’t know your own password then you may not be able to log in. You may have lost your account forever. We cannot help.

    • If you don’t have access to the recovery email account or phone number, it’s likely your account is unrecoverable.

  21. I am having problems. I got a new phone (same phone number and same provider). It won’t let me access my facebook because the code generator will not come to me through text. I have done the picture with the code and sent it in and I have done the ID thing and sent it in also. But nothing happens how long does it usually take for someone to receive that and let you in? Do you receive an email? I have pictures on there of my deceased mom so any help would be greatly appreciated!

  22. I need help recovering my fb account. I have done this beofor and used pics to prove I knew the peope on my friends list. and I cant for the life of me remember how to do it.

  23. I can’t get in to my Amazon account . In UK . It won’t let me because old email , live mail hasn’t worked for a while and my iPhone no is not any use to them . They need a new password but that involved contacting them by phone . I did this and spoke to their call centre in India . Their agent asked for my card no to authenticate my account . Then they transferred me to another agent to purportedly get my account sorted . But they were criminals who hacked my bank account and took money by tricking me.
    It was unbelievable . Amazon cannot be safely contacted and it’s a disgrace . Can’t email them as they need me to go through my account !!!

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.