how do i fix a hacked account?
-
without my permission a student (?) named phillip an phillipan.wordpress.com has hacked my account and added himself as admin. I want him gone. I am Michael Kucher (email visible only to moderators and staff) who opened the account.
The blog I need help with is: (visible only to logged in users)
-
Only an Admin can add admins to a blog. If you’re an Admin of that blog, and the founding Admin, you can delete him on the Users page of the dashboard of that blog.
Also, fail him.
-
-
If any person or any bot is posting anything to your blog then you have provided them with the ability to do so either deliberately by adding them as official users, or by allowing them access to your login information, or by posting content that makes it easy for them to guess what your log-in information is.
Who, aside from you, has access to your login information?
Go to your email program and change the password to a very difficult one because that’s how many hackers gain access to blogs
1. If you can log-in go here > Users > All Users and delete any user that does not belong there.
2. Disable post by email > http://en.support.wordpress.com/post-by-email/
3. Disable post by voice > http://en.support.wordpress.com/post-by-voice/
4. Change your blog password to a very difficult one > http://en.support.wordpress.com/passwords/#change-your-password
5. Use a secure, encrypted connection to connect to your Dashboard. Under Users → Personal Settings, check the box that says “Always use HTTPS when visiting administration pages, and click Save Changes.
6. Set up two step authentication http://en.support.wordpress.com/security/two-step-authentication/
Then read this please knowing that blogs don’t get hacked when security protocols are followed. > http://en.support.wordpress.com/security/
P.S. I flagged this for Staff follow-up.
-
It appears that the blog phillipan.wordpress.com was created by a different user four years ago, and that user added you to their blog as a fellow administrator.
If they were a student of yours, they likely did that so you could have access to their blog.
That user is not an administrator on your own blog, profkucher.wordpress.com.
Did the request to change your account password come from you?
-
Thank you Jackiedana,
Very possible scenario. If that’s the case, how do I remove my affiliation from the account? I tried to delete myself from phillipan but got:
Remove Users from Site
You have specified these users for removal:ID #11537710: profkucher The current user will not be removed.
There are no valid users selected for removal.I did just change my password for profkucher. I might have tried for the other too.
I just want to be unlinked unaffiliated with phillipan…
Is there an way to do that?
-
Hi Michael – No problem, I removed you from that blog. Let us know if you need anything else!
-
- The topic ‘how do i fix a hacked account?’ is closed to new replies.
WordPress.com Forums 