This article was co-authored by wikiHow staff writer, Sophia Bell. Sophia Bell is a Content Manager on the wikiHow team. Before joining wikiHow, Sophia worked as a technical editor and was published in six International Energy Agency (IEA) Wind Annual Reports. Now, she writes, edits, and reviews articles for the wikiHow Content Team, working to make the content as helpful as possible for readers worldwide. Sophia holds a BA in English from Colorado State University.
This article has been fact-checked, ensuring the accuracy of any cited facts and confirming the authority of its sources.
This article has been viewed 237,440 times.
Learn more...
This wikiHow guide teaches you how to recover and secure a hacked Yahoo email account on any device. You can use your recovery phone number or email address to do so, and you can perform this process on both the desktop and mobile versions of Yahoo Mail.
Recovering Your Hacked Yahoo Account
If you can no longer log in, go to login.yahoo.com/forgot in any web browser to recover your password. Change your password immediately to lock out the hacker, check your security settings, and enable two-step verification.
Steps
Recovering Your Account
-
Go to Yahoo's Sign-in Helper in any web browser. If your Yahoo account was hacked and you can no longer sign in, go to https://login.yahoo.com/forgot in any web browser.
- If you are using a phone or tablet, follow these steps in a web browser instead of the Yahoo Mail app.
- If opening Yahoo Mail takes you to your inbox, the hacker hasn't signed you out. You can skip ahead to Securing Your Account (Desktop) or Securing Your Account (Mobile).
-
Enter your phone number or recovery email and click Continue. In the text box in the middle of the page, type in the phone number or recovery email address you have on file for your Yahoo account.Advertisement
-
Retrieve your verification code. Click Yes, text me an Account Key for a phone number or Yes, send me an Account Key for a recovery email address, then do the following:
- Phone number — Open your phone's messaging app, open the text from Yahoo, and review the 8-character code in the message.
- Email address — Open your recovery email address inbox, open the Recover access to your Yahoo account email from Yahoo, and review the 8-character code in the middle of the email.
- If you entered your Yahoo email address, enter the missing numbers or letters from the recovery option listed, then follow one of the above substeps depending on whether you have a phone number or an email address on file.
-
Enter your verification code and click Verify. Type the 8-character verification code you retrieved into the text box in the middle of the page.
- Yahoo will automatically capitalize any letters.
-
Select your account if prompted. If you have multiple Yahoo accounts that use your phone number or recovery email address, click the one you want to recover to recover your account.
Securing Your Account (Mobile)
-
Tap the "y" icon at the top-right corner. A menu will expand.
-
Tap Manage Accounts. You'll find this option near the top of the pop-out menu.
-
Tap Account info below your Yahoo Mail address.
-
Tap Recent activity. It's near the bottom of the screen.
- If prompted to enter your password (or, on an iPhone, your Touch ID), do so before proceeding.
-
Tap View all recent activities. It's below the short list of recent activities. If your account has been compromised, you'll likely see a location you don't recognize in this list. Changing your password will automatically log your account out on all devices except the one you're using.
-
Change your password. Tap Change your password above the list, and follow the on-screen instructions to create a new password. Once changed, anywhere you (or the hacker) was signed in before will be logged out.
-
Tap the back button and select Security. This takes you to additional security settings for your account.
-
Enable two-step verification. Two-step verification requires you to have access to both your Yahoo login information and a separate form of identification (e.g., your phone or a recovery email address) to log in, making it impossible for anyone who doesn't have access to your phone or recovery address to hack your account.
- Tap Turn on under "2-Step Verification."
- Select a verification method. You can receive your sign-in codes as a push notification in the Yahoo Mail app on your phone or tablet, as a text to your phone number, using an authenticator app, or using a physical security key.
- Follow the on-screen instructions to complete the setup.
-
Check your recovery email and phone number information. If you're no longer on the Security tab, tap the back button, then select Security to return there. Scroll down to the "Verification Methods" section and make any needed changes.
- If you see any unfamiliar email addresses or phone numbers here, tap Remove to remove them.
- Make sure you still have access to the email address and password listed here. If not, tap Add email and Add phone number to add new ones.
-
Check all of your Yahoo Mail settings. After securing your account, go through your Yahoo Mail settings to ensure nothing looks out of the ordinary. The hacker may have changed your name or forwarded your messages to another location. To access your settings, tap the "y" menu and select Settings.
Securing Your Account (Desktop)
-
Click your profile icon in Yahoo Mail. You'll see it at the top-right corner of your inbox when you're signed in.
-
Click Account Info. Doing so opens a new page with your Yahoo account information listed.
-
Click Review recent activity. It's near the bottom of the page.
-
Review your recently signed-in locations. You'll see a list of all the locations where your Yahoo account is logged in.
- If your account has been compromised, you'll likely see a location you don't recognize in this list. Changing your password will automatically log your account out on all devices except the one you're using.
-
Change your password. Click Change your password above the sign-in list, and follow the on-screen instructions to create a new password.
-
Click the Security tab. It's at the top of the page.
-
Turn on Two-Step Verification. Two-step verification is a feature that makes it impossible for someone with just your login information to hack your account—they would also have to have access to your phone or your recovery email address.
- Click Turn on under "2-Step Verification".
- Select a verification method. You can receive your sign-in codes as a push notification in the Yahoo Mail app on your phone or tablet, as a text to your phone number, using an authenticator app, or using a physical security key.
- Follow the on-screen instructions to complete the setup.
- If you clear your current browser's cookies or remove a signed-in location from the Recent activity menu, you'll have to re-validate your account with two-step verification the next time you log in.
-
Check your recovery email and phone number information. If you're no longer on the Security tab, click it at the top of the page to return there, then scroll down to the "How we make sure it's really you" section.
- If you see any unfamiliar email addresses or phone numbers here, click Remove to remove them.
- Make sure you still have access to the email address and password listed here. If not, click Add email and Add phone number to add new ones.
-
Check all of your Yahoo Mail settings. After securing your account, go through your Yahoo Mail settings to ensure nothing looks out of the ordinary. The hacker may have changed your name or forwarded your messages to another location. To access your settings, click Settings at the top-right corner of your inbox.
Community Q&A
-
QuestionCan I recover my account if the hacker already changed the password and secret questions?Community AnswerNot easily. If you have your account linked to another email account it might be possible to reset the password. Personally, I would recommend contacting Yahoo customer service.
-
QuestionYahoo is requesting money and permission to turn my account over to someone to recover it. What should I do?Community AnswerThat is a scam. Delete it and move on.
-
QuestionHow do I stop spam emails after I recovered my hacked Yahoo account?Community AnswerUnsubscribe to all newsletters and delete all of the newsletter emails and spam.
Video
Tips
-
Yahoo has been severely compromised in the past, with literally billions of accounts being hacked.[3]Thanks
-
Most people admit to using the same password for various accounts. If your Yahoo email account was hacked, change your password for all accounts, including social media, if those accounts use the same password.Thanks