Helping people with computers... one answer at a time.

A password reminder that isn't expected can be startling. An unexpected password reminder could be due to many things. The best thing is to ignore it.

On my Hotmail account I received an email from AOL stating "here is your password you have requested" and it gave me the correct password to an old email account that I have not used in years. No one from my household requested a forgotten password. Why would I receive this email? Is this something a virus could do or an outside source? I am concerned someone out there is trying to gain access to my computer.

It's kinda spooky when that happens, but happen it does. It's particularly unnerving when the password reminder is "correct" - meaning that it's reminding you of your correct password. That tells us something, but for the most part what to do next is usually the same regardless.

Since the reminder included your actual password, you know it's real. In your case, it's a real password reminder generated from AOL in response to someone asking for it. Had it not had your correct password, I would have immediately assumed it was nothing more than a phishing attempt.

I can think of several ways this might happen:

  • Someone entered your email address on an AOL password reminder form. I'm not really sure why they would do this intentionally, unless they thought that the password would be displayed instead of emailed. Password reminders are safe explicitly because they're emailed to the account owner - only someone with access to the account would be able to get the reminder. More likely is that someone mistyped their own email address, and entered yours by mistake.

  • If you've registered on a bulletin board, mailing list or a discussion group, you'll usually need to provide a valid email address for activation. That same email address is used to send you your password reminder should you ask for it. Same scenario as above, most likely someone might mistype their registration name, typing yours instead, and any password reminder would get sent to you instead of them.

  • "My money is on someone mistyping or misremembering their own account or email name, and entering yours by mistake."

    Some mailing list software, a package called "mailman" in particular, is configured to send out monthly password reminders by default. If you're on a mailman-hosted mailing list, this might be the cause.

  • There's a small possibility that a web crawler or spider is hitting all links on various web pages, and one of those happened to be a password reminder link with your account. Conceivable, but highly unlikely.

My money is on someone mistyping or misremembering their own account or email name, and entering yours by mistake.

Real or phishing, the next step for you to take is actually quite simple.

Delete the mail.

Don't click on any links in it, don't act on it, just delete it. Whoever requested your password - regardless of their intention - did not get it. You did.

If you are particularly concerned, you might consider changing the password on that account as a precautionary measure.

And finally, let's be clear: this isn't about getting access to your computer, this is about your email or other account on-line. Passwords on and to your computer are not dealt with via email.

Article C2702 - June 24, 2006 « »

Share this article with your friends:

Share this article on Facebook Tweet this article Email a link to this article
Leo Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions. More about Leo.

Not what you needed?

Albert H Dowler JR
June 25, 2006 2:00 PM

I can not access my e-mail on MSN
my other e-mail is
I had tried unsucessfully to download the new messenger. could that be part of the problem?
Albert H Dowler JR
Rose Mary Dowler

October 16, 2006 3:46 AM

i want to get my frind password back

Nicholas Gimbrone
June 23, 2009 7:45 PM

Check the headers, another possibility is that that email was "lost in the ether" for years (e.g. that a server had it queued up, was taken offline for some period of time, brought back online, and emptied its queue... bingo, you get your old email ;-)... its a stretch, but stranger things have happened (I've seen this with emails on the order of a month old ;-).

Comments on this entry are closed.

If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.

If you don't find your answer, head out to to ask your question.