Skip to main content

Update: Ever had a Yahoo account? Take these steps now to protect yourself

yahoo account hack how to protect yourself wr 09 23 01
Image used with permission by copyright holder
In September, Yahoo disclosed that at least a half billion Yahoo accounts were jeopardized by hackers. Names, email addresses, passwords, telephone numbers, dates of birth, security questions and answers, and more were “scraped” from Yahoo accounts in 2014. Now, in December, Yahoo has disclosed again that in August 2013, “an unauthorized third-party accessed our proprietary code to learn how to forge cookies.” The 2013 breach stole data from more than 1 billion user accounts. The information included names, email addresses, telephone numbers, dates of birth, hashed passwords, and security questions and answers, but not, says Yahoo, payment card data and bank account information. So if you’re a former or current Yahoo account holder, what does that mean to you and what can you do about it?

Updated on 12-14-2016 by Bruce Brown: Updated to include information released in December 2016 about an additional 1 billion Yahoo accounts accessed in August 2013.

Well first off, take a breath. If nothing horrible has happened to your email or other password protected accounts so far, chances are you’re actually OK, for the moment anyway. But just because nothing has happened yet, that doesn’t mean you’re safe. Sometimes hackers themselves or people who buy hacked account info hoard the data for years before taking action.

So, if you had a Yahoo account anytime before the beginning of 2015, there are several steps you should take to be prudent, whether or not you use your Yahoo account now.

A general warning: Before you start to change passwords or anything else with your accounts, be very careful with any email you receive about the Yahoo security issue. Nothing Yahoo sends will ask you to click links or download attachments. Yahoo will not ask you to supply personal information via email. Even if you receive an email that looks like it’s from Yahoo, if you are asked to click a link, download an attachment, or provide personal information, the email was not actually sent by Yahoo and may be from someone trying to steal your personal information.

Change your password

Now let’s start with the different actions levels to take, from immediate to very soon.

If you have a Yahoo account, change your password and disable your security questions today. How do you do that? To start, be sure you know your current password — you’ll need it to make changes in any security settings.

In the upper right-hand corner of the Yahoo screen click on the little gear icon. If you see a menu item for “Settings,” that’s not it. Look for “Account Info,” which will probably be at the bottom of the menu. Next, click “Account Security.” At this point you will likely be required to enter your current password.

In the Account Security screen that comes up next, you will see “Change password” and “Disable security questions” in blue type while the other options are in black type. Yahoo has highlighted those two with blue letters because both were potentially compromised. Passwords were taken from all hacked accounts and unencrypted security questions and answers were stolen from many accounts.

When you click Change Password, you’ll see a new screen on which to enter a new password twice. Be sure to make up a brand new password, not one you use on any other account. More on that below.

Also remember you will need to reset your password on other devices where your old password — which will no longer work — may be stored. For example, you may check your email on a smartphone, tablet, or an ebook reader — if so you’ll need to reset each one.

Update: More than one reader has reported that when they tried to reset their Yahoo password using the standard password recovery process they were taken back to the original sign in page. One reader had success with the following, “Simple answer, don’t use password recovery but use the Hacked account or any of the other headings where you get to send a message to a support person. After three or four posts, plus posting on Yahoo Support Facebook page, I received an email from support and the passwords were reset through a Gmail account. Took way longer than I would like but it was much better than setting a completely new account.”

Disable security questions

After changing your password, click “Disable security questions” on the Account Security screen. You’ll see what your questions were, and you’ll be prompted to disable them to protect your account. You can reset your security questions later.

The next screen after disabling your security questions will present any currently listed account recovery email addresses and phone numbers. If you don’t have either, it’s a good idea to set at least one of each so you won’t be locked out of your account.

When you’ve changed your password and disabled your security settings, your Yahoo account is protected. But there’s more to do.

Change similar passwords on any non-Yahoo accounts

Hackers know that many if not most of us reuse the same passwords and security questions. Therefore, if you have ever done that — and if not, you can join a very short list — you will need to change your passwords on your other accounts because they are in jeopardy. Go to all of your other accounts including email accounts, banks accounts, social media accounts, merchant accounts such as Amazon, media accounts like Netflix, and any other online accounts you use and change the passwords. Also, change the security questions and answers for any account where they were required.

There are other measures you can take to protect your accounts including two-factor authentication, using the Yahoo Account Key, or specialized password security programs. The first steps, though, with no delay, are to change your Yahoo password, disable personal security questions, and then sweep through all your existing accounts (and former accounts if you can remember them) and reset all passwords.

Updated on 10-02-2016 by Bruce Brown: Updated to include reader suggestion to get password change assistance from Yahoo support.

Editors' Recommendations

Bruce Brown
Digital Trends Contributing Editor Bruce Brown is a member of the Smart Homes and Commerce teams. Bruce uses smart devices…
How to download YouTube videos on PC, iOS, Android, and Mac
A smartphone displaying YouTube on its screen as it lays on top of a laptop's keyboard.

If you're a YouTube fan like us, you might want to know what the most viewed YouTube videos are, and how to download YouTube videos.

Downloading a video from YouTube doesn’t seem like a big deal at first glance, but it comes with ethical concerns to consider, depending on the original post’s intent. As we've already mentioned, it's something Google definitely doesn't want you doing — it's a clear violation of YouTube's Terms of Service, but it's even more important to keep the original content creators in mind.

Read more
A new Best Buy sale just started – our 11 favorite deals
Presidents Day sales with electonic devices packed in open boxes.

If you've been looking to do some shopping recently but haven't found the best time, you're in luck! Best Buy has just started an excellent weekend sale with many different products, but, to help save you some hassle, we've collected our 11 favorite deals from the bunch, ranging from robot vacuums to gaming laptops. So, without further ado, let's dive right in!
Shark ION Robot RV761 -- $143, was $260

If you're looking to dip your toes into robot vacuums without spending a lot, the Shark ION Robot RV761 falls within the Shark Ion 700 range and has a few nifty features, making it a good starting robot vacuum. For example, it has a triple brush mechanism that makes it great for picking up pet hair and does relatively well on carpeted flooring. It also has its own that allows you to schedule and control it to fit your schedule, and it comes with sensing technology that lets it avoid bumping into things. On the other hand, it doesn't have home mapping, which is great for the privacy-minded, but that does mean the occasional bump does happen. The Shark ION RV761 has about 90 minutes of battery life before it takes itself in for recharging.

Read more
When is Prime Day 2023? Dates confirmed for the shopping event
Best Prime Day 2022 Deals graphic with multiple products.

After weeks of speculation, we finally know when Prime Day 2023 is kicking off. Amazon has announced that the event will start July 11 at 3AM ET and will run through July 12. As always, Prime members can score some fantastic deals from the sale with popular brands like Peloton, Victoria's Secret, YETI, and Sony just some of the names being touted by Amazon as featuring in the big sale. Members will also be able to shop more deals on small business products than ever before too. As always, expect great discounts on Amazon-owned properties like Kindles, Ring doorbells, Amazon Echo units, and so much more. It's the sale we've all been waiting for since Black Friday.

The Prime Day deals promise to drop every 30 minutes during select periods with deep discounts expected. Select discounts on other Amazon-related things are already available such as 20% off in-store purchases at

Read more