Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

5 comments on “Why Can’t I Get My Account Back?”

  1. New Years resolution… every new year check that all your alternate email addresses, phone numbers etc. are correct.

    Thanks Leo, this reminder is timely. As you write in Lesson #1 … maintain account recovery information. It really is NOT once and done, we have to keep at it.

    Happy New Year to Leo, Mark and all the readers.

  2. Some times email gets hacked and someone else gets your password. Going forward, that email address now _usually_ belongs to the hacker and they also have access to all your old email; sent and received. I guess that is one reason why I never leave my email on the email server. I download incoming email to MY computer and it is deleted from the email server. While that won’t help if my email address is “stolen” and a recovery code for some other service is sent to my “stolen” email address, at least the hacker will not be privy to my old email. I only use one device. If you share devices for reading email, downloading your email will usually prevent accessing your saved email on other devices.

  3. I have two email accounts, and I have secured both with a strong password (stored in my password vault) and 2FA so even if some miscreant discovers the password to one of my email accounts (or both), they will not be able to make any changes to any of my profile information/account settings (password, alternate recovery email address, et-al) without the device from which I access my authenticator app.

    On a side note, regarding password security, I saw this item ( that I’m considering testing to replace my password vault. The concept looks very interesting to me. What do you think Leo?


    • If I understand it, it’s still storing SOMETHING, that’s then use algorithmically to reconstruct the password. I’m not seeing a huge difference between that and encrypted passwords. In either case if the master password and algorithm is known, then the passwords — remembered or generated — would be fetchable. I could be wrong, but that’s what I take away from it.

  4. I recently learned about a service for email that promises to strip trackers that are invisible in the email body before the email is delivered to your email mailbox.
    It seems like a legitimate layer of security which could prevent hacking too. Using this “alias”, allows the user to insulate his/her destination email address from anyone you do not fully trust. It also offers the use of disposable addresses too.
    I’d love to hear what you think of this service. Legitimate claims or false hope.


Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.