False password reset request
-
I got an email this morning claiming I sent a request to change my password. I did not. I didn’t respond to, as it instructs if it’s a mistake, but that’s making me concerned just the same.
bwspotlight.com is the site they tried to change. It’s my main site (the only one not using a WordPress url) so I really don’t want to lose that one. I don’t want to lose any of them really but that’s the one I put the most work into.
The blog I need help with is: (visible only to logged in users)
-
Hi there,
There is nothing you can do about false password resets. They’re frustrating, I agree, but anyone who has your username (which is easily accessible) can request one.
But for your peace of mind, there are still security precautions you should always take. Make sure your password is strong: https://en.support.wordpress.com/selecting-a-strong-password/
I’d also suggest highly recommend using 2 Step Verification: https://en.support.wordpress.com/security/two-step-authentication/
Consider disabling or changing your Post by Email address, but most importantly, ensure that nobody knows it, once/if you get your site back: https://en.support.wordpress.com/post-by-email/
Also, ensure you turn on two step authentication on your email – I can’t stress enough how important that can be, regardless of what other services you use. If you need help with doing that, let us know your email provider and we’ll try to assist.
But don’t worry too much about the false password reset, it’s a fairly common occurrence, and doesn’t require any technical/hacking skills. :)
-
They didn’t get my site. The email said to ignore it if it was in error so I didn’t confirm the change. And I think my password is pretty good. I’ll have to look into the rest of the suggestions though. Thanks.
-
- The topic ‘False password reset request’ is closed to new replies.
WordPress.com Forums 