Helping people with computers... one answer at a time.
Having control over recovery details is what allows you access back into a hacked account: the goal is to prevent the hacker from controlling that recovery info.
Hi. In the number 344 AskLeo! (I assume you mean my newsletter), you gave info to this effect regarding viruses in Hotmail: try to regain access to your account and change all or as much personal and hinting information as possible.
My question is would it be OK to perform this procedure on other accounts also? Or wait until you detect a problem?
In this excerpt from Answercast #15, I talk about the necessity of keeping your recovery information up-to-date on any email account and what to reset in the event of an attack.
There's nothing wrong with doing that.
In fact, I encourage people to review their alternate and account recovery information periodically to make sure that they remember it or that it's still working.
One of the very common questions I get is from people are in a recovery situation and they suddenly realize that the information (like the phone number or the email address, the alternate email address that they provided when they created the account) is no longer valid and can no longer be used.
So it's a good idea to review it. It certainly doesn't harm anything to change the information periodically.
My take on it is that it doesn't really help anything to change the information.
If you've got good and current recovery information:
... if you've got all that in place, I don't really see a reason to change it.
The reason I suggest that you change it, once your account has been hacked, is that while the attacker has access to your account, they could be setting all those things to something else.
They could (if the information is visible) be reading what you set those things to. With that information in hand (knowing those pieces of information) they could hack your account again after you've recovered it.
The only way to protect yourself after being hacked in a scenario like that is to change not only your password, but every bit of information that could be used to recover your password.
Comments on this entry are closed.
If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.
If you don't find your answer, head out to http://askleo.com/ask to ask your question.