Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

35 comments on “Who’s Trying to Change My Password? Why It Happens and What to Do”

  1. I don’t know what to do. I think my email has been hacked or phished. I don’t know if Hotmail is really Hotmail. or not. I have seen my Hotmail account send email to myself {email address removed} to {email address removed} for drugs and Russian dating sites. How do I know who is real and who is not. How do I know whos links are the real links and not the hackers? Please if you what should my IE internet options be set at for the safest possible. How do I if this is really your page and getting to you?

    Thanks for your help!

    Reply
  2. I know of many Yahoo and MSN users who have either closed their accounts or have just left them for some other more secure account because of this problem, I know that Yahoo and MSN are in the act of improving their security and infact yahoo should have ssl by the 8th of Jan they say? Expect problems when they do. Because of personal settings?
    I dont know if Microsoft has fixed the problem yet but there was a problem with ssl and outlook in Office?
    These are all things that should have been done long ago like google did with Gmail.

    Reply
  3. I don’t know if my email was hacked, but somehow my facebook email address was changed to my gmail one, but my password is still the same. I can still log into my facebook account no matter what email address I use.

    Reply
  4. I recently logged into an old e-mail address I use occasionally, and found that someone had changed the password. After securing my account, I found out that they had been using it for months, and had even set up an Instagram account using my e-mail address. I thought about deleting the account, or doing something else to get back at them, but decided against it. A few days later, when I tried to log into the account, I found out that they had managed to change the password again. So I secured my account again, this time making sure it was more secure than before. This was in November, and after that I got busy with the holidays, so I didn’t bother checking the account again until today. And guess what? They had somehow gotten into it again. I don’t know how this was possible, as I had done everything I could to secure it – change the password, change the recovery e-mail address, etc. But this time I added a phone number, and made sure you needed a two-step process to log in: you’d need to get a verification code texted to you, and then you could sign in normally.

    When I looked at the e-mails, I saw that someone had sent them an e-mail with some photos. And the e-mail address was very similar to mine (only different by one letter). And in the photos I recognized the person who had set up the Instagram account. She had also used her real name to go along with the e-mail account, so now I know her name and what she looks like. I was also able to locate her Facebook page, where I found her current city, birth city and birthdate.

    So now that I have all this information, what should I do? Go to the police? I have my account back (for the time being), but who knows for how long, or what she will do again, to me or someone else.

    Reply
    • This sounds very strange as email accounts shouldn’t be that easy to hack into, especially with 2 factor authentication. I’d make sure to check all of the recovery information, as it seems the only way she could have got in to the account would have been to add her own recovery info. Check to make sure that there aren’t any other email addresses or phone numbers that aren’t yours listed as a recovery method.
      Since you have her contact info, you might want to warn her that you know who she is and tell her that you’ll go to the police if she doesn’t stop hacking into your account.

      Reply
  5. I do NOT have an Instagram account but i got a txt with a passcode in it and i want to know who is using my #
    I expect to hear from this matter within 24 hrs or i will make other arrangements

    Reply
    • Contacting law enforcement is the best thing you can do in a case like that. Only law enforcement officials can get access to the information you are looking for. Taking matters into your own hands can often backfire and get you into trouble.

      Reply
  6. I have My password to this boy I know on my instagram account and he tried to login and now my account is saying that there is suspicious activity in my acc and so idk what to do now.

    Reply
  7. hi,

    cut the story short, i have a family member who was my security email, fell out and now this person keeps trying to get into my emails. i changed the security email to another and it says 30days till this changes over, changed my password and a few other things like postcode, details, in the mean time can this person still try get into my account if they click on forgot password and send the verification code to their email address can they still access my account. get into my emails.

    Reply
  8. i have someone gmail address and password what should i do that when i change his id password then after he will not able to change because the id is created with his number

    Reply
    • If you change his password or even access his account, you are breaking the law and subject to criminal charges.

      Reply
  9. My account is getting locked continuously. Someone is deliberately giving wrong passwords just to lock my account…..What should I do in this case?

    Reply
  10. i have my account but any one change my account password or recovery number or email address and password or i didn’t know how to get it back
    plz help me

    Reply
  11. if you get an email from facebook telling you someone tried to log into your account,
    do not click on anything and report it to phish@fb.com matter of fact,
    just about any reputable company has an email address to report suspicious
    emails to. all one has to do is type in the address bar
    report scam emails to (company name).

    Reply
    • I’m not convinced that “any reputable company” has such a mechanism, and even for those that do whether it does any good at all. Facebook’s was established in 2012, and I can’t say it’s helped.

      Reply
      • i often report scam emails to FB and other sites. it doesn`t
        stop them completely but they are gone for a few weeks.
        the more people that report them will force the sites to
        take action.
        just deleting them allows them to continue to scam the
        more gullible. if it doesn`t help, i`ve done no harm. and it
        only takes a few seconds to report it.

        Reply
  12. Over the last 4-6 weeks, I’ve been facing attacks using my primary email account on many of my accounts. In two cases after repeated attempts of using a ‘reset my password’ link, they were actually able to change my password. In one of those two cases, they used that password to change the email on the account, so I no longer have access to it. (I’m still working to get that account back under control.) In the meantime, I’ve been working to get all of my accounts changed to use other email addresses to try and stop the constant attacks.

    Reply
  13. Another way of telling if an email is spam or not is to simply place your cursor over the sender’s name and see what shows up. I get a lot of the ones that say that someone tried to log into my Bank Of America account or my Amazon account and that I should click on this link to correct it. NEVER click the link. When I put my cursor over their name it will often show up a long address and sometimes end in a weird set of letters like .eu or something like that. I don’t open them since I don’t have either account but it is nice to see where they are coming from.

    Reply

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.