If you receive a New Device Login email from Privacy and you do recognize the information listed, no worries! Just enter the one-time passcode listed in the email, and you'll be back to paying with Privacy.
If you receive a New Device Login email from Privacy and you don't recognize the information listed, we recommend taking the following steps to secure your account:
Change your password
Enable App-Based Two-Factor Authentication (2FA)
App-based 2FA is more secure than email or SMS 2FA. This method requires a two-factor authentication app that supports TOTP (Google Authenticator, 1Password, or Authy are a few recommended options).
To set up 2FA using an authenticator app, log into your Privacy Account from a web or mobile browser and visit your Account page. Then, look for Two-Factor Authentication and choose Authentication App.
Next, scan the QR code using the camera on your mobile device, or enter the 16-digit key into your authenticator app of choice. Once complete, enter the one-time access code your app generates to confirm.
Secure your email account
Anyone who has access to your email account may also be able to access your Privacy Account. Change your email password regularly and enable 2FA on that account as well if it's available.
For more info on how to do this, please contact your email provider's support team.
I've followed these steps and my account is secure. But how did someone else get my password?
Passwords can be obtained in multiple ways. Here are a few common examples:
If you used the same passwords on multiple sites, someone could have obtained the password you use for Privacy from another account or service that stores them improperly.
This type of attack occurs when someone (typically through email, or by using a fake site that looks similar to sites you already use) tries to trick you into sharing your personal information online. Privacy will never ask for your password through email. If you're unsure if an email you receive is really from Privacy, please contact us directly at firstname.lastname@example.org and we will confirm.
This type of attack is a program that logs the passwords you type into your browser as you input them. Check your browser regularly for suspicious add-ons or plugins, and make sure both your browser and operating system are updated to the latest version.
If you have further questions or are concerned about the security of your account, write to us using this submission form.