"Someone tried to log into your account" message
"Someone tried to log into your account" message
When i get a text with the subject content followed by " if this wasn't you, we recommend you change your password immediately..." My question is ...why? They don't know my password. Why change it? Seems like I get a message like that from 1 of 101 accounts I log into... about once a week.
Last edited by AS7911 on Thu Nov 28, 2024 4:11 pm, edited 1 time in total.
Re: "Someone tried to log into your account" message
Just to be on the safe side, you could change the password. The other possibility is that if you use an aggregator like yodlee, it might result in a similar message.
Does it say where it login from?
Does it say where it login from?
Re: "Someone tried to log into your account" message
Liability reasons. Maybe your pw is weak and since someone is trying to login they might eventually get it. So not only change the pw but make it stronger.
Re: "Someone tried to log into your account" message
All they guessed is the username.
Re: "Someone tried to log into your account" message
Or more likely someone has a similar username and keeps making a typo. I had that happen to me once when I used too common sounding of a username.
"Orangutans are skeptical of changes in their cages"
Re: "Someone tried to log into your account" message
Or the user name is the email address which half the world knows already.
Bad spellers of the world untie |
Autocorrect is my worst enema
Re: "Someone tried to log into your account" message
In a similar vein I don't understand how I have received a 6 digit 2 factors code I did not request. Does that indicate they have my UID and PW to get a 2nd factor code?
Re: "Someone tried to log into your account" message
Possibly, but not necessarily.
I don't want to get into the details for security reasons, but if your phone number accidentally got associated with some random stranger's account they could be triggering them unknowingly. It happened to someone I know.
"Orangutans are skeptical of changes in their cages"
Re: "Someone tried to log into your account" message
+1
It’s easy to mistype a digit and get a valid number.
-
- Posts: 827
- Joined: Thu Mar 06, 2014 9:43 pm
Re: "Someone tried to log into your account" message
But don’t click the link in the email you received! The email itself might be a scam.
Type in the domain name of the website yourself. Then you can go through the change password procedure.
Use a password manager and have a different password on each site. If a hacker penetrates (for example) the Bogleheads web server, you don’t want them using that password at your other sites.
Type in the domain name of the website yourself. Then you can go through the change password procedure.
Use a password manager and have a different password on each site. If a hacker penetrates (for example) the Bogleheads web server, you don’t want them using that password at your other sites.
Re: "Someone tried to log into your account" message
^ This ^ccieemeritus wrote: ↑Fri Nov 29, 2024 9:09 pm But don’t click the link in the email you received! The email itself might be a scam.
Type in the domain name of the website yourself. Then you can go through the change password procedure.
These texts could easily be phishing scams.
Re: "Someone tried to log into your account" message
I would be more concerned that they know your password and failed 2FA. No big deal if you have unique passwords for every site, but if you use the same one everywhere you need to be concerned because not every site has 2FA enabled.
-
- Posts: 2891
- Joined: Sat Apr 09, 2016 5:06 pm
- Location: NYC
Re: "Someone tried to log into your account" message
Or it’s a financial aggregator trying to log in. If OP has any accounts linked to other websites that would do it.
I’d still change passwords just to be safe.
I wonder if things like Schwab or Fidelitys security guarantee would be voided if someone gets such a message but doesn’t change their password.
Re: "Someone tried to log into your account" message
I completely agree. Nothing about it suggests a password compromise and it is well established now that forcing unneeded password changes makes things less secure (people more likely to record them in insecure locations). In this case, the password did its job. Changing the password will not improve the situation.AS7911 wrote: ↑Thu Nov 28, 2024 3:36 pm When i get a text with the subject content followed by " if this wasn't you, we recommend you change your password immediately..." My question is ...why? They don't know my password. Why change it? Seems like I get a message like that from 1 of 101 accounts I log into... about once a week.
Imagine if the physical lock on your home could report "Someone tried to unlock your door with the wrong key. If this wasn't you, we recommend you have all your locks rekeyed immediately." Such as suggestion would be absurd.