You’re not really sure How the Heck They Got Your Password, but they did, and now you’re freaking out. The password to one of your accounts has been cracked and you don’t know what to do to get control back of your account.
Let’s look at several things you can do to get control of your account and get things back to a secure state:
If Someone Cracked Your Password But You Can Still Log Into Your Account
The worst case scenario is that your account password gets hacked and the hackers change your password. Hopefully the security questions that you answered when you set up your account will help you regain control of your account and allow you to reset your password back and lock them out.
What if there aren’t any security questions? Many accounts have a password reset process that will allow you to initiate a reset using an email account that you have on file with the account provider. Unless the hacker has changed this email address, you should be able to regain control of your account by having the password reset link sent to your email.
If They’ve Taken Control Of Your Account and Locked You Out By Changing The Password
If the person who cracked your password has locked you out by changing your password then getting it reset might be a little more complicated. You may need to contact the account support line of the account provider and explain the situation, they should be able to verify that you are who you say you are via other means such as by looking at the phone numbers you have on file, verifying your address, or reviewing the answers to your security questions.
Make sure that you inform the account provider that this just happened and that any new information recently added to your account is false and that you want to place your account on hold until everything is sorted out. Reporting the password hack quickly is essential to limiting the damage.
If The Account Was Your Main Email Account
If your main email account is hacked then things can become even more complicated because, chances are, you have a lot of other accounts pointing to your email account for password reset purposes.
Thankfully most email providers have multiple ways of verifying that you are whom you say you are. Follow their account password reset procedures and if all else fails contact their account support.
The next step you should take after resetting your main (hacked) email account password is to change all passwords for any other account that you have that point to that account for password reset purposes. The reason: the password crackers could have initiated password resets for those other accounts.
Steps to Take To Prevent it From Happening Again:
Make Your Next Password Much Stronger
When creating passwords to replace ones that have been cracked, you need to create a much stronger, longer, and more complex password. For tips on creating strong passwords, check out our article: How to Make a Strong Password.
Use Two-factor Authentication If It’s Offered
Another way to prevent future account compromises is to enable two-factor authentication on the accounts that support it. Two-factor authentication usually requires some kind of token, such as a PIN that is sent by the account provider via an already established communication line that you have verified, such as a mobile phone or secondary email account.
Other methods of two-factor authentication use fingerprint readers such as those featured on newer iPhones, iPads, and some Android devices. Linking these devices to your account works in two ways. If you never lose your phone, you will always be notified of when someone or you are accessing online accounts. If you lose your phone, then someone has your whole life in their hands.